-->
Home

Host Header Injection - HHI

 

Description:

A Host header attack, also known as Host header injection, is a web attack where the attacker provides a false Host header to the web application. Find more information about other types of injection attacks

Replication Steps:

  • 1) Go to (Target URL)and capture the request.
  • 2) Now in Burpsuite add X-Forwarded-Host: bing.com under the Host Header.
  • 3) Forward.
  • 4)You will notice that the site is now redirected to Bing.com
  • Hence this is vulnerable to Host Header Injection.

    • Impact:

    Whenever a user visits this URL, it will redirect them to anysite.com. It is used in phishing attacks.

    Mitigation:

    If possible, the application should avoid incorporating user-controllable data into redirection targets. In many cases, this behavior can be avoided in two ways:

    Remove the redirection function from the application, and replace links to it with direct links to the relevant target URLs.

    Maintain a server-side list of all URLs that are permitted for redirection. Instead of passing the target URL as a parameter to the redirector, pass an index into this list.

    • I have also provided the video PoC, kindly tell me if you need more information.
    • Thank You