Gupta Bless

Oct 17, 2020

4 min read

Exploiting Host-Header Injection

For account takeover:

Host-Header:

Nowadays a single web-server is used to deploy more than one application. It means all application resolves the same IP-address. So to avoid confusion. a host header is used because the host header specifies which request has to move which application.

--

--

More from Gupta Bless

Security enthusiast working to secure web for others.

Love podcasts or audiobooks? Learn on the go with our new app.

Try Knowable

Recommended from Medium

Neonearth.Io

​Neon Earth Public Sale

Azbit

in

Azbit News

KUKU IEO On Azbit: $100,000 Token Sale

vEmpire

vEmpire Weekly Roundup, 15th July 2022

Kingsleymark

Whatever be your need and the services you offer @thedapplist serves the perfect platform to…

Tachyon

Tachyon Protocol Weekly Report #95

Nikos reBaked

in

reBaked

Fractal x ReBaked: Fostering A Transparent And Inclusive Web 3 Ecosystem

John Patrick Lita

Wish-you.co Analysis

Solid Protocol

AMA with ID Crypto Community (12/16)

AboutHelpTermsPrivacy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Gupta Bless

Gupta Bless

Security enthusiast working to secure web for others.

More from Medium

Isaac Peka

in

System Weakness

[1/3] Brute-Force Protection Bypass @ GitLab

Ramin

Server-Side Request Forgery (SSRF)

Robert Gilbert

CVE-2021- 41528: Flexera / RISC Networks — Vulnerable Authorization Schema

Eslam Akl

in

InfoSec Write-ups

Authentication bypass using root array

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Knowable