\section{Appendices}
\label{sec:appendices}

\subsection*{Nessus files}
\label{sec:appendices_nessus}

The two outputs generated by \textit{Nessus} are attached to this report, under the \textit{nessus} folder in the \textit{ZIP} file of the sources.

\begin{itemize}
    \item \textbf{http\_splitting\_vg9un1.nessus}: results of the overall scan on the complete server
    \item \textbf{58002\_hkbi2w.nessus}: results of the Web-oriented scan on the Web server
\end{itemize}

\subsection*{Attack script}
\label{sec:appendices_script}

The \textit{Node} application used to perform the attack is available in the \textit{ZIP} file of the sources.

Files:
\begin{itemize}
    \item \textbf{package.json}: file defining the application and its dependencies
    \item \textbf{index.js}: file containing the \gls{javascript} code for the attack
\end{itemize}

Here is the procedure to install and execute the attack from a terminal:
\begin{enumerate}
    \item Go to the directory containing those two files
    \item Run the following command to initialize the application: \texttt{npm install}
    \item Run the following command: \texttt{node index.js}
\end{enumerate}

Make sure that the \textit{Node} environment and the \gls{npm} \gls{package_manager} are installed on your system.

\subsection*{\LaTeX \ report}
\label{sec:appendices_report}

The files used to generate this report are available under the \textit{report} folder of the \textit{ZIP} file of the sources.

\subsection*{Presentation}
\label{sec:appendices_presentation}

The presentation file, EHK20\_HTTP-Response-Splitting\_Guibert-Loic\_presentation.pdf, of this challenge is available at the root directory of the main \textit{ZIP} file.