Why Are CRLF Injections Dangerous?

In the world of computers there are a lot of different infections that you can get. Some may affect your actual computer system while others may be able to only infect the web page that you have on your server. Whatever the case may be, you have to be able to stop them all from taking your web presence or your system down. To help with that, we try to highlight some of the less common ones that you might not be aware of. There are plenty of bad guys out on the web and they have the time and the resources to come up with many different types of infections that can harm you. One of these is known as a CRLF injection.

Why Are CRLF Injections Dangerous?

What is a CRLF injection?

A CRLF injection attack is when the hacker writes a special piece of code that will attack the line break of a web protocol. If you are very familiar with computers then you have probably already seen the letters CRLF before. They stand for Carriage Return and Line Feed. When you are writing anything on the computer and you hit the Enter or Return button to go to the next line then you are creating a CRLF. This is a special piece of text that you cannot see but your editor can that will tell your computer whether or not to go to the next line. A text editor is not the only part of your computer that uses this CRLF line. Other parts of your system use this technique as well. These parts of the system include your MIME which is email, your NNTP which is newsgroups, and your HTTP which is how your internet stream is transmitted. And this is how CRLF attacks are able to hurt you.

A black hat hacker finds code that is unprotected on the internet and injects their own CRLF code to replace the normal CRLF that you would normally find. They do this by creating a special url which has your sites name but the code “%0d%0a” is in there. This is where the CRLF injection is at and it will load html for your server onto the victim’s machine. But the HTML is not created by you but the bad guys. As you can probably tell that is very dangerous.

A CRLF attack is something that you have to be aware of it. You can prevent it happening to your web site by sanitizing all data that comes into the web site.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Speak Your Mind