nuclei-templates/http/vulnerabilities/generic/host-header-injection.yaml

35 lines
896 B
YAML

id: host-header-injection
info:
name: Host Header Injection
author: princechaddha
severity: info
description: HTTP header injection is a general class of web application security vulnerability which occurs when Hypertext Transfer Protocol headers are dynamically generated based on user input.
reference:
- https://portswigger.net/web-security/host-header
- https://portswigger.net/web-security/host-header/exploiting
- https://www.acunetix.com/blog/articles/automated-detection-of-host-header-attacks/
metadata:
max-request: 1
tags: hostheader-injection,generic
http:
- method: GET
path:
- "{{BaseURL}}"
headers:
Host: "{{randstr}}.tld"
matchers-condition: and
matchers:
- type: word
words:
- '{{randstr}}.tld'
part: body
condition: and
- type: status
status:
- 200