The Host Header Injection Booboo


Earlier this week I was asked for advice on two vulnerabilities somebody assumed to exist on his site. Lo and behold, s/he was right both times. For one of them I wrote a blog post, showing how to detect this vulnerability and also a rough sketch of how to fix the server if needed.

Detection is quite easy on the command line. Just run this, with <my host> replaced by your actual host:

  curl -v -H "Host: evil.com" https://<my host> 2>&1 | grep -v '^> ' | grep evil.com

If the answer contains something with evil.com, the host is vulnerable. Testing should happen on all public hosts, with HTTP as well as HTTPS.

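A small script version of the check above, added here as an example and not taken from the original post or its linked blog. Two things it does that the bare one-liner does not: it drops curl's echo of our own request (the lines `curl -v` prefixes with `> `) before searching, because that echo always contains the injected Host and would otherwise flag every server, and it does not follow redirects, because a `Location:` header built from the Host header is exactly the reflection you are looking for. The canary name `canary-h0st.invalid` and the two transcripts are made up for offline testing; for a live scan pass hostnames as arguments.

```shell
#!/bin/sh
# Added example (not the original post's code): probe a host over HTTP and
# HTTPS with a canary Host header and look for the canary in the response.
# Assumption: the canary below is invented; the .invalid TLD never resolves,
# so a server that echoes it cannot be "accidentally right".
CANARY="${CANARY:-canary-h0st.invalid}"

# host_reflected CANARY: reads merged `curl -v ... 2>&1` output on stdin.
# curl marks its echo of our request with "> " and response headers with
# "< "; body lines have no prefix. Strip the request echo, then search what
# is left case-insensitively (hostnames are case-insensitive).
host_reflected() {
  grep -v '^> ' | grep -qiF -- "$1"
}

# classify CANARY TRANSCRIPT: prints "reflected" or "clean" for a transcript.
classify() {
  if printf '%s' "$2" | host_reflected "$1"; then
    echo reflected
  else
    echo clean
  fi
}

# scan_host HOST: live probe over both schemes. -L is deliberately omitted so
# a redirect that carries the injected host in Location is seen, not followed.
scan_host() {
  for scheme in http https; do
    if curl -sS -v --max-time 10 -H "Host: $CANARY" "$scheme://$1/" 2>&1 \
        | host_reflected "$CANARY"; then
      echo "VULNERABLE $scheme://$1 (canary echoed in response)"
    else
      echo "ok         $scheme://$1"
    fi
  done
}

# Constructed transcripts (not real captures) so the check runs offline.
# Typical vulnerable pattern: an http->https redirect built from the Host header.
SAMPLE_REFLECTED='> GET / HTTP/1.1
> Host: canary-h0st.invalid
< HTTP/1.1 301 Moved Permanently
< Location: https://canary-h0st.invalid/
<
'
# Server ignores the Host header and uses its configured name instead.
SAMPLE_CLEAN='> GET / HTTP/1.1
> Host: canary-h0st.invalid
< HTTP/1.1 301 Moved Permanently
< Location: https://www.example.com/
<
'

classify "$CANARY" "$SAMPLE_REFLECTED"   # reflected
classify "$CANARY" "$SAMPLE_CLEAN"       # clean

# Live scan, e.g.: ./hostcheck.sh www.example.com other.example.com
for h in "$@"; do scan_host "$h"; done
```

Run it against every public hostname and every IP that terminates TLS for them; a host that is clean on 443 is often the one that echoes the header on 80, where the http-to-https redirect lives.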
