Re: HOST header manipulation

[Matt Hellman <mhellman () taxandfinance com>]

Maybe a shorter version of my question will help:

Let's say I have an application that is vulnerable to HOST header 
manipulation.  In this case, it's an issue with the authentication 
process that eventually appends a session ID to a redirect based on the 
HOST header. It could be a XSS injection or CRLF...whatever.

How might an attacker get a victim to submit a request with a crafted 
HOST header? XHR? Flash? Java?

TIA








--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Tired of using other people's tools? Why not learn how to write your own exploits? 
InfoSec Institute's Advanced Ethical Hacking class teaches you how to write stack and heap buffer overflow exploits for Windows and Linux. Gain your Certified Expert Penetration Tester (CEPT) cert as well. 

http://www.infosecinstitute.com/courses/advanced_ethical_hacking_training.html
------------------------------------------------------------------------