Example of Http Injection Attack

Question

I am trying to find a good example of an http Injection attack so I can understand this threat better....

Answer 1

I think you mean HTTP Header Injection? This is also known as CRLF Injection, or HTTP Response Splitting and/or Smuggling.

The OWASP Testing Guide is a good start: https://www.owasp.org/index.php/Testing_for_HTTP_Splitting/Smuggling_(OWASP-DV-016)

If you'd like more details I'd recommend looking into Amit Kleins work: http://www.packetstormsecurity.org/papers/general/whitepaper_httpresponse.pdf

Answer 2

The OWASP Web site is always a good place to start with web security problems: OWASP HTML Injection