nuclei-templates/vulnerabilities/x-forwarded-host-injection....

20 lines
432 B
YAML
Raw Normal View History

2020-04-22 09:54:04 +00:00
id: host-header-injection
2020-04-22 05:05:14 +00:00
info:
name: Host Header Injection (x-forwarded-host)
author: melbadry9
severity: low
requests:
- method: GET
# Example of sending some headers to the servers
headers:
2020-05-24 22:19:21 +00:00
# MD5 hash of melbadry9
2020-04-22 05:05:14 +00:00
X-Forwarded-Host: "0021e78f48fe6525798294b7711c6f72.com"
path:
- "{{BaseURL}}/"
matchers:
- type: word
words:
- "0021e78f48fe6525798294b7711c6f72"