Web App Penetration Testing Tutorial

Host Header Injection

Table of Contents

  • What is Host Header Injection Attack?
  • Testing for Host Header Injection Attacks
  • Host Header Injection
  • Test your knowledge with a quick quiz!

What is Host Header Injection Attack?

Many websites are hosted on the same web server and have the same IP address. That is where the role of the host header comes into play. It defines which websites should respond to an HTTP request by the user. 

However, if an invalid host header is defined, it can cause errors and misconfiguration attacks. For instance, most of the servers pass the unidentifiable host headers to the first host in the list. Hence, there are chances that requests are sent to first hosts with arbitrary host headers.

Moreover, hackers can make use of X-Forwarded-Host headers to bypass the arbitrary host headers. 

There are numerous websites and web apps that don’t validate the user inputs. Hackers can take advantage of it to launch host header injections. 

Testing for Host Header Injection Attacks

To check whether a system or site has flaws that can lead to HHi, you can use a proxy like Burp Proxy, Burp Intruder, or Burp Repeater. 

These will help you determine if the Host Header can be modified while reaching the app with the request. 

Here, you should try supplying an arbitrary host header, checking for weak validation, sending ambiguous requests, supplying absolute URLs, adding line wrapping, etc. 

Host Header Injection

Host Header Injection 

Test your knowledge with a quick quiz!

What does HHi stand for?

Select the correct answer

Did you find this article helpful?