Hackaday - Security This Week: Racoons in My TLS, Bypassing Frontends, and Obscurity

Posted on Sep 11, 2020 12:19:17 PM

Jake Miller's recent blog on h2c request smuggling was covered in Hackaday. In the post, Jake demonstrates how upgrading HTTP/1.1 connections to lesser-known HTTP/2 over cleartext (h2c) connections can allow a bypass of reverse proxy access controls, and lead to long-lived, unrestricted HTTP traffic directly to back-end servers.

Read more here


Submit a Media Request

Please get in touch with our PR Team for any press or PR related inquiries.

Email: contact@bishopfox.com


Subscribe to Updates