Collaborate Disseminate
SCENARIO:
If I send requests like these:
http://site.com/page?safe_param=1?my_arbitrary_param=2
The server responds with a normal HTTP response but within common headers it includes also the arbitrary param:
[…]
my_arbitrary_param: 2
[…. Continue reading Arbitrary query parameter reflected in server response header. Is it exploitable?
I have recently launched a new django based api, and quite quickly, I started to receive INVALID_HOST_HEADER SOME RANDOM URL errors. My understanding is that this is caused by somebody manually changing the HOST header, or proxying my API … Continue reading Why do Invalid Host header errors exist, what are attackers trying to achieve?
I am currently conducting a pentest and I found an application vulnerable to http header injection, where the user input is reflected after the Content-Type header, and the Content-Type is set to application/force-download. T… Continue reading Would HTTP Header injection allow for an XSS vulnerability if content-type is application/force-download?
How can I make this type of payload or HTTP request? I used them to have internet without isp limitations. Connected by means of an ssh account.
Where can I find information about this type of HTTP request? I put some exampl… Continue reading How can I create an http request like this manually or with a tool? [on hold]
I am new to this field and would like to know how the flow happens in a host header injection attacks.
I believe it’s as below:
Client generates the request.
Attacker manipulates the request and changes the host header (to… Continue reading Flow of a host header injection attack?
Our application has been checked by PEN Test tool, and there are description of issue:
An attacker can redirect the application using the host header on the
below mentioned URL to redirect them to phishing websites.
Reproducing ste… Continue reading Host header injection attack with Spring boot embedded tomcat
How can we mitigate host header injection in ASP.NET? I have already configured application binding in IIS and set static hostname but still, the vulnerability exists.
Continue reading Prevention of host header injection in ASP.NET?
I am a beginner in security and reading about host header injection. I tested an application for this vulnerability and it is possible there for some request, but the developer implemented no-cache, no-store flags and this vu… Continue reading Is host header injection possible without cache or password reset?
I am testing a web application and found a redirect function which seems to be insecure. If I visit a non-existing page, then I am getting redirected to login page of application. However the redirect function can be exploited by setting c… Continue reading Exploiting HTTP redirect function via the Host header
A security researcher has publicly disclosed two critical zero-day vulnerabilities in Vanilla Forums, an open source software that powers discussion on over 500,000 websites, which could allow unauthenticated, remote attackers to fully compromise targe… Continue reading 0-Day Flaws in Vanilla Forums Let Remote Attackers Hack Websites