Jump to content
thirty bees forum

The Host Header Injection Booboo


Traumflug

Recommended Posts

Earlier this week I was asked for advice on two vulnerabilities somebody assumed to exist on his site. Lo’ and behold, s/he was right both times. For one of them I wrote a blog post, showing how to detect this vulnerability and also a rough sketch on how to fix the server if needed.

The Host Header Injection Booboo

Detection is quite easy on the command line. Just run this, with <my host> replaced by your actual host:

  curl -v -H "Host: evil.com" https://<my host> 2>&1 | grep evil.com

If the answer contains something with evil.com, the host is vulnerable. Testing should happen on all hosts in the public and with HTTP as well as HTTPS.

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...