Host Header Attack: Cache Poisoning

Please refer to the previous post, Host Header Attack, before reading this one.

Steps to perform Cache Poisoning Attack:

  1. Find a URL in Burp Suite with a 2xx or 3xx status code.

  2. After intercepting the request to the website, send it to Intruder and change the Host to any website (e.g. Bing.com).

  3. Click Go and search the response for the website you entered (e.g. bing here).

  4. If found, right-click where you changed the host name and click "Show response in browser".

  5. Try every clickable item on the web page; if it redirects to the website you entered in the Host field, there is a vulnerability.
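
The redirect in step 5 happens when the application builds its links from the request's Host header. The Python code below is an added example, not part of the original post: it puts a link builder that reflects Host beside one that uses a fixed origin, and wraps the application in a WSGI check that rejects Host values outside an allowlist. The host names (shop.example.test) and all function names are assumptions made for illustration.

```python
# Added example; host and function names are constructed for illustration.
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"shop.example.test", "www.shop.example.test"}  # assumed site names
CANONICAL_ORIGIN = "https://shop.example.test"  # assumed fixed public origin

def normalize_host(raw):
    """Return the lowercase host name without port, or None if malformed."""
    if not raw or any(c in raw for c in " \t\r\n/@,\\?#"):
        return None
    try:
        parts = urlsplit("//" + raw)
        parts.port  # raises ValueError on a non-numeric or out-of-range port
    except ValueError:
        return None
    return parts.hostname.rstrip(".") if parts.hostname else None

def build_link_vulnerable(environ, path):
    # Reflects the client-supplied Host header: what steps 3 and 5 detect.
    return "http://" + environ.get("HTTP_HOST", "") + path

def build_link_hardened(path):
    # Ignores the request entirely; links always point at the configured origin.
    return CANONICAL_ORIGIN + path

def host_guard(app):
    """WSGI wrapper: answer 400 (uncacheable) unless Host is on the allowlist."""
    def guarded(environ, start_response):
        if normalize_host(environ.get("HTTP_HOST")) not in ALLOWED_HOSTS:
            body = b"Invalid Host header\n"
            start_response("400 Bad Request", [("Content-Type", "text/plain"),
                                               ("Cache-Control", "no-store")])
            return [body]
        return app(environ, start_response)
    return guarded

def demo_app(environ, start_response):
    body = ('<a href="%s">Login</a>' % build_link_hardened("/login")).encode()
    start_response("200 OK", [("Content-Type", "text/html"),
                              ("Content-Length", str(len(body)))])
    return [body]

def call(app, host):
    """Drive a WSGI app with a constructed request; return (status, body)."""
    seen = {}
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": "/", "HTTP_HOST": host}
    body = b"".join(app(environ, lambda status, headers: seen.update(status=status)))
    return seen["status"], body.decode()
```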



©2020 by Parth Shukla