[Owasp-leaders] Host header injection

• Next message: [Owasp-leaders] NYC Call for Trainers!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Try to check http://www.skeletonscribe.net/2013/05/practical-http-host-header-attacks.html?spref=tw . Very nice source to see impact of host header manipulation..






Sent from Windows Mail





From: Owen Pendlebury
Sent: ‎Tuesday‎, ‎September‎ ‎30‎, ‎2014 ‎11‎:‎53‎ ‎PM
To: owasp-leaders at lists.owasp.org




Hi all,



Just wanted to ask your thoughts on host header injection. Because of the TcP connection I shouldn't be able to alter the host header and it redirect me right?



Would be interested in hearing your opinions on risk and exploitation of this.



Owen
OWASP Ireland-Dublin Chapter Lead

-- 


Owen Pendlebury

OWASP Ireland-Dublin Chapter Lead
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20141001/7ee85f6a/attachment-0001.html>

• Next message: [Owasp-leaders] NYC Call for Trainers!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]