id: external-service-interaction

info:
  name: External Service Interaction
  author: andreluna
  severity: info
  description: External Service interaction via Host Header Injection.
  reference:
    - https://portswigger.net/kb/issues/00300210_external-service-interaction-http
    - https://success.qualys.com/support/s/article/000006843
    - https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/07-Input_Validation_Testing/17-Testing_for_Host_Header_Injection
  classification:
    cwe-id: CWE-918,CWE-406
  metadata:
    max-request: 1
  tags: miscellaneous,http,misc,oast

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    headers:
      Host: "{{interactsh-url}}"
    redirects: true
    max-redirects: 1
    matchers:
      - type: word
        part: interactsh_protocol
        words:
          - "http"
          - "dns"
        condition: or
# digest: 4a0a0047304502202b1990eec2ed50fd5a033f320249db8d86d10e15d7268539591330e2b45c080e022100b1f4c11328d5f34950301c422d8f6920d0345b534fb7956c3e3ccf004f8bb584:922c64590222798bb761d5b6d8e72950