What is Host Header Injection:
In many cases, developers are trusting the HTTP Host header value and using it to generate links, import scripts and even generate password resets links with its value. This is a very bad idea, because the HTTP Host header can be controlled by an attacker. This can be exploited using web-cache poisoning and by abusing alternative channels like password reset emails.
How to Test Vulnerability:
-Open Firefox
-Open Burpsuite
-Start Intercepter.
-Visite The Website/WebServer You Want to Test
-Intercept The Http Request
-Search For Header "Host"
It should be like Host: www.site.com
-Exactly Below The "Host" Header
-Type X-Forwaded-Host: www.google.com
Results:
If in The response The header [-Type X-Forwaded-Host: www.google.com] has been added and the Browser has be redricted to google.com The server is vulnerable to header Injection
Comments
Post a Comment