5l1v3r1 / host-header-attack-test Goto Github PK

In many cases, developers are trusting the HTTP Host header value and using it to generate links, import scripts and even generate password resets links with its value. This is a very bad idea, because the HTTP Host header can be controlled by an attacker. This can be exploited using web-cache poisoning and by abusing alternative channels like password reset emails. ##Install please Installing python 2.7 or higher, for example, in centos 6.3, see the link below
Installing python 2.7 on centos 6.3

in linux terminal :

1. git clone https://github.com/keramatAlijani/Host-Header-Attack-Test.git
   
2. cd Host-Header-Attack-Test
   
3. pip install -r requirements.txt
   
   if You are using pip version 7.1.0, You should consider upgrading via the pip install --upgrade pip command

##Usage

1. python Host-Header-Vulnerability-Detection.py
   
2. type your domain
   
3. Wait until the process is completed and see results directory
   

##Remediation (Acunetix) The web application should use the SERVER_NAME instead of the Host header. It should also create a dummy vhost that catches all requests with unrecognized Host headers. This can also be done under Nginx by specifying a non-wildcard SERVER_NAME, and under Apache by using a non-wildcard serverName and turning the UseCanonicalNam

##contact with me Email : [email protected]