[Owasp-leaders] Host header injection

jan.kopecky at owasp.org jan.kopecky at owasp.org
Wed Oct 1 00:03:08 UTC 2014


Try to check http://www.skeletonscribe.net/2013/05/practical-http-host-header-attacks.html?spref=tw . Very nice source to see impact of host header manipulation..






Sent from Windows Mail





From: Owen Pendlebury
Sent: ‎Tuesday‎, ‎September‎ ‎30‎, ‎2014 ‎11‎:‎53‎ ‎PM
To: owasp-leaders at lists.owasp.org




Hi all,



Just wanted to ask your thoughts on host header injection. Because of the TcP connection I shouldn't be able to alter the host header and it redirect me right?



Would be interested in hearing your opinions on risk and exploitation of this.



Owen
OWASP Ireland-Dublin Chapter Lead

-- 


Owen Pendlebury

OWASP Ireland-Dublin Chapter Lead
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20141001/7ee85f6a/attachment-0001.html>


More information about the OWASP-Leaders mailing list