Installation of CRLFuzz Tool on Kali Linux
Step 1: If you have downloaded Golang in your system, verify the installation by checking the version of Golang, use the following command.
go version
Step 2: Open up your Kali Linux terminal and move to Desktop using the following command.
cd Desktop
Step 3: You are on Desktop now create a new directory called CRLFuzz using the following command. In this directory, we will complete the installation of the CRLFuzz tool.
mkdir CRLFuzz
Step 4: Now switch to the CRLFuzz directory using the following command.
cd CRLFuzz
Step 5: Now you have to install the tool. You have to clone the tool from GitHub.
git clone https://github.com/dwisiswant0/crlfuzz
Step 6: The tool has been downloaded successfully in the CRLFuzz directory. Now list out the contents of the tool by using the below command.
ls
Step 7: You can observe that there is a new directory created of the CRLFuzz tool that has been generated while we were installing the tool. Now move to that directory using the below command:
cd crlfuzz/cmd/crlfuzz
Step 8: Build the tool using the following command.
go build
Step 9: Move the tool in /bin directory for quick usage from anywhere.
mv crlfuzz /usr/local/bin
Step 10: Now we are done with our installation, Use the below command to view the help (gives a better understanding of tool) index of the tool.
crlfuzz -h
CRLFuzz – A Linux Tool To Scan CRLF Vulnerability Written in Go
CRLF injection is a software application coding vulnerability that occurs when an attacker injects a CRLF character sequence where it is not expected. Checking the CRLF Vulnerability manually on the target domain becomes very complicated. So there should be an automated approach for studying the vulnerability. CRLFuzz is a computerized tool designed in the Golang language that scans the CRLF Vulnerability target with a single click. CRLFuzz tool is open-source and free to use.
Note: As CRLFuzz is a Golang language-based tool, so you need to have a Golang environment on your system. So check this link to Install Golang in your system. – Installation of Go Lang in Linux