[Owasp-leaders] Host header injection

jan.kopecky at owasp.org jan.kopecky at owasp.org
Wed Oct 1 00:03:08 UTC 2014

Try to check http://www.skeletonscribe.net/2013/05/practical-http-host-header-attacks.html?spref=tw . Very nice source to see impact of host header manipulation..

Sent from Windows Mail

From: Owen Pendlebury
Sent: ‎Tuesday‎, ‎September‎ ‎30‎, ‎2014 ‎11‎:‎53‎ ‎PM
To: owasp-leaders at lists.owasp.org

Hi all,

Just wanted to ask your thoughts on host header injection. Because of the TcP connection I shouldn't be able to alter the host header and it redirect me right?

Would be interested in hearing your opinions on risk and exploitation of this.

OWASP Ireland-Dublin Chapter Lead


Owen Pendlebury

OWASP Ireland-Dublin Chapter Lead
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20141001/7ee85f6a/attachment-0001.html>

More information about the OWASP-Leaders mailing list