Olá galera do forúm, preciso muito da ajuda de vocês.
Então vamos lá, scaneando um site no acunetix, o programa apontou uma vulnerabilidade high :
Host header attack
Vulnerability description
An attacker can manipulate the Host header as seen by the web application and cause the application to behave in unexpected ways. Developers often resort to the exceedingly untrustworthy HTTP Host header (_SERVER["HTTP_HOST"] in PHP). Even otherwise-secure applications trust this value enough to write it to the page without HTML-encoding it with code equivalent to:
<link href="http://_SERVER['HOST']" (Joomla)
...and append secret keys and tokens to links containing it:
<a href="http://_SERVER['HOST']?token=topsecret"> (Django, Gallery, others)
....and even directly import scripts from it:
<script src="http://_SERVER['HOST']/misc/jquery.js?v=1.4.4"> (Various)
Affected items
/css/w3.css
Quero saber como posso usar a vulnerabilidade para conseguir dados como login e senha
Então vamos lá, scaneando um site no acunetix, o programa apontou uma vulnerabilidade high :
Host header attack
Vulnerability description
An attacker can manipulate the Host header as seen by the web application and cause the application to behave in unexpected ways. Developers often resort to the exceedingly untrustworthy HTTP Host header (_SERVER["HTTP_HOST"] in PHP). Even otherwise-secure applications trust this value enough to write it to the page without HTML-encoding it with code equivalent to:
<link href="http://_SERVER['HOST']" (Joomla)
...and append secret keys and tokens to links containing it:
<a href="http://_SERVER['HOST']?token=topsecret"> (Django, Gallery, others)
....and even directly import scripts from it:
<script src="http://_SERVER['HOST']/misc/jquery.js?v=1.4.4"> (Various)
Affected items
/css/w3.css
Quero saber como posso usar a vulnerabilidade para conseguir dados como login e senha
Comment