Merge pull request #2593 from projectdiscovery/openvpn-hhi

Added OpenVPN Host Header Injection

vulnerabilities/other/openvpn-hhi.yaml

@@ -0,0 +1,27 @@
+id: openvpn-hhi
+
+info:
+  name: OpenVPN Host Header Injection
+  author: twitter.com/Dheerajmadhukar
+  severity: info
+  tags: openvpn,hostheader-injection
+
+requests:
+  - raw:
+      - |
+        GET / HTTP/1.1
+        Host: {{randstr}}.tld
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "https://{{randstr}}.tld/__session_start__/"
+          - "openvpn_sess"
+        part: header
+        condition: and
+
+      - type: status
+        status:
+          - 302