Web10: Some forms of forged HTTP headers
In web programming, many programmers use fields in the HTTP headers to check and control user access. This kind of check may seem safe, but in reality every field in the HTTP headers is supplied by the client and can be tampered with, which creates a risk of unauthorized access to those websites.
Below, TipsMake.com will help you learn about some cases of forging HTTP headers to gain unauthorized access.
In some cases, a website only allows access when the request comes from certain pages. When the request comes from any other page, access is denied.
For example, try visiting the following page:
URL: http://natas4.natas.labs.overthewire.org/
Username: natas4
Password: Z9tkRkWmpt9Qr7XrR5jWRkgOU901swEZ
In this case, the programmer used the variable $_SERVER['HTTP_REFERER'] to control access. The header field corresponding to this variable is Referer.
Therefore, you can change the header to access that site. Use Tamper Data (a Firefox add-on) to change the Referer field in the header to the following:
And we can access that site.
Another case:
A site stores the logged-in state in a cookie. Because cookies are also sent in the HTTP header, we can change it:
URL: http://natas5.natas.labs.overthewire.org/
Username: natas5
Password: iX6IOfmpN7AYOQGPwtn3fXpbaJVJcHfq
When using Tamper Data to analyze the header being sent, we see the parameter loggedin=0 in the Cookie field. Change it to 1, then submit to see the difference.
Another example:
A site has a segment that handles the IP address of incoming visitors. The site only allows access from one fixed IP address and denies access from every other address. However, it uses information sent in the HTTP headers to determine the user's IP.
X-Forwarded-For and Client-IP are the two HTTP header fields corresponding to the server variables $_SERVER['HTTP_X_FORWARDED_FOR'] and $_SERVER['HTTP_CLIENT_IP']. Therefore, the access IP address can be spoofed by changing either of these two fields.
For upload forms
Some programmers check the type of the uploaded file with code like the following:
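As an added example (not code from the article or from the Natas challenges), the following PHP puts the weak pattern from the Referer case and the cookie case side by side with a hardened variant. The Referer field and the loggedin cookie are both written by the client, so authorization has to rest on state the server controls. PHP's own $_SESSION does this by keeping the state server-side and sending only a random session id; the HMAC-signed cookie below shows the same principle in a form that runs from the command line. The signing key, the allowed page URL and the user id are placeholders.

```php
<?php
// Added example, not code from the article or the Natas challenges: the
// Referer field and the loggedin cookie are both written by the client, so
// authorization has to rest on state the server controls. The signing key,
// the allowed page URL and the user id are placeholders.

declare(strict_types=1);

// Weak pattern from both cases above: whoever edits the request passes.
function weakAccessCheck(array $server, array $cookie): bool
{
    $fromAllowedPage = ($server['HTTP_REFERER'] ?? '') === 'http://example.test/start';
    $loggedIn = ($cookie['loggedin'] ?? '0') === '1';
    return $fromAllowedPage && $loggedIn;
}

// Hardened pattern: state travels in a cookie only together with an HMAC
// over it, computed with a key that never leaves the server.
const SIGNING_KEY = 'replace-with-a-long-random-secret'; // placeholder

// Build "payload.signature"; only the server can produce a valid signature.
function issueStateCookie(string $userId, int $expires): string
{
    $payload = base64_encode(json_encode(['uid' => $userId, 'exp' => $expires]));
    return $payload . '.' . hash_hmac('sha256', $payload, SIGNING_KEY);
}

// Returns the user id from a valid cookie, or null if missing, tampered or expired.
function verifyStateCookie(?string $value, int $now): ?string
{
    if ($value === null || substr_count($value, '.') !== 1) {
        return null;
    }
    [$payload, $sig] = explode('.', $value, 2);
    // hash_equals() compares in constant time, so the check does not leak
    // how many leading bytes of a guessed signature were right.
    if (!hash_equals(hash_hmac('sha256', $payload, SIGNING_KEY), $sig)) {
        return null;
    }
    $raw = base64_decode($payload, true);
    $data = $raw === false ? null : json_decode($raw, true);
    if (!is_array($data) || !isset($data['uid']) || ($data['exp'] ?? 0) < $now) {
        return null;
    }
    return (string) $data['uid'];
}

// Demonstration with constructed requests.
$now = time();

// A request with edited Referer and cookie, as in the article: the weak check passes.
$forgedServer = ['HTTP_REFERER' => 'http://example.test/start'];
$forgedCookie = ['loggedin' => '1'];
printf("weak check, forged request: %s\n",
    var_export(weakAccessCheck($forgedServer, $forgedCookie), true));

// Cookie issued by the server after a real login.
$issued = issueStateCookie('user42', $now + 3600);
printf("signed cookie, untouched: %s\n", var_export(verifyStateCookie($issued, $now), true));

// Same cookie with the payload rewritten to another user, signature kept.
[, $sig] = explode('.', $issued, 2);
$tampered = base64_encode(json_encode(['uid' => 'admin', 'exp' => $now + 3600])) . '.' . $sig;
printf("signed cookie, tampered:  %s\n", var_export(verifyStateCookie($tampered, $now), true));

// Expired cookie with a valid signature.
$expired = issueStateCookie('user42', $now - 1);
printf("signed cookie, expired:   %s\n", var_export(verifyStateCookie($expired, $now), true));
```

Run it with `php` on the command line. The weak check accepts the forged request, while verifyStateCookie() returns the user id only for the untouched cookie and null for the tampered and expired ones; editing the payload in Tamper Data no longer helps because the signature cannot be recomputed without the server's key.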
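As an added example (not code from the article), the following PHP shows why preferring X-Forwarded-For or Client-IP over the socket address fails, and how to resolve the client address safely: start from REMOTE_ADDR, which comes from the TCP connection rather than from the request bytes, and consult X-Forwarded-For only when the peer is a reverse proxy you operate. The proxy addresses, the allow-list and the sample requests are constructed values.

```php
<?php
// Added example, not code from the article: take the client address from
// REMOTE_ADDR and consult X-Forwarded-For only when the TCP peer is a proxy
// we operate. Proxy addresses and the allow-list are constructed values.

declare(strict_types=1);

// Reverse proxies we run in front of the application (assumed addresses).
const TRUSTED_PROXIES = ['10.0.0.5', '10.0.0.6'];

// Weak pattern from the article: the header wins over the socket address,
// so whoever sends the request picks the "IP" that gets checked.
function weakClientIp(array $server): string
{
    if (!empty($server['HTTP_CLIENT_IP'])) {
        return $server['HTTP_CLIENT_IP'];
    }
    if (!empty($server['HTTP_X_FORWARDED_FOR'])) {
        return trim(explode(',', $server['HTTP_X_FORWARDED_FOR'])[0]);
    }
    return $server['REMOTE_ADDR'];
}

// Hardened pattern: REMOTE_ADDR is set from the TCP connection, not from the
// request. If the peer is one of our proxies, walk X-Forwarded-For from the
// right, discarding hops that are our own proxies; the first other address is
// the client. Anything further left was written by the client itself.
// Client-IP is never consulted, because no proxy of ours sets it.
function clientIp(array $server, array $trustedProxies = TRUSTED_PROXIES): string
{
    $peer = $server['REMOTE_ADDR'] ?? '';
    if (!in_array($peer, $trustedProxies, true)) {
        return $peer; // direct connection: the header is irrelevant
    }
    $hops = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR'] ?? ''));
    for ($i = count($hops) - 1; $i >= 0; $i--) {
        if (filter_var($hops[$i], FILTER_VALIDATE_IP) === false) {
            break; // malformed entry: stop trusting the chain
        }
        if (!in_array($hops[$i], $trustedProxies, true)) {
            return $hops[$i];
        }
    }
    return $peer; // empty chain or only proxies: fall back to the peer
}

function accessAllowed(string $ip, array $allowList): bool
{
    return in_array($ip, $allowList, true);
}

// Constructed requests. 203.0.113.10 is the only permitted address.
$allowList = ['203.0.113.10'];
$requests = [
    // Direct connection from elsewhere, header set to the allowed address.
    'direct+forged' => ['REMOTE_ADDR' => '198.51.100.7',
                        'HTTP_X_FORWARDED_FOR' => '203.0.113.10'],
    // Through our proxy; the client sent a forged hop and the proxy appended
    // the address it actually saw.
    'proxy+forged'  => ['REMOTE_ADDR' => '10.0.0.5',
                        'HTTP_X_FORWARDED_FOR' => '203.0.113.10, 198.51.100.7'],
    // Through our proxy from the genuinely allowed address.
    'proxy+genuine' => ['REMOTE_ADDR' => '10.0.0.5',
                        'HTTP_X_FORWARDED_FOR' => '203.0.113.10'],
];
foreach ($requests as $label => $server) {
    printf("%-14s weak=%s hardened=%s\n", $label,
        var_export(accessAllowed(weakClientIp($server), $allowList), true),
        var_export(accessAllowed(clientIp($server), $allowList), true));
}
```

The weak resolver lets the first two requests through; the hardened one admits only the third, where the proxy itself recorded the allowed address. The same logic applies to any trust decision built on the client IP, for example rate limiting or logging.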
if ($_FILES['file']['type'] == 'image/gif') {
    // allow the upload
} else {
    // reject the upload
}
Hackers can easily bypass it by using Tamper Data to edit the Content-Type field in the header before it is sent to the server,
and so upload a file with a disallowed .php extension.
Using fields in HTTP headers to check and control access is not safe: every one of these values is chosen by the client, and only what the server itself holds (its session store, the address of the TCP connection, the bytes of the uploaded file) can be trusted. Programmers need to understand this to keep their websites secure.
Below is a video describing some cases of forged HTTP headers performed by WhiteHat.vn forum members:
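As an added example (not code from the article), the following PHP contrasts the check above with one that decides from the uploaded file itself: the MIME type is detected from the file's magic bytes, the file must decode as an image, the claimed extension must be on an allow-list, and the stored name is chosen by the server. The allow-list, the file names and the sample uploads are constructed for the demonstration.

```php
<?php
// Added example, not code from the article: decide what an upload is by
// inspecting the file itself, never by the client-sent Content-Type.
// The allow-list, directory and file names are assumptions.

declare(strict_types=1);

// Weak pattern from the article: $_FILES['file']['type'] is copied straight
// from the multipart Content-Type header, so the uploader chooses its value.
function weakIsGif(array $file): bool
{
    return ($file['type'] ?? '') === 'image/gif';
}

// Hardened pattern: MIME type from magic bytes, a real image decode, an
// extension allow-list, and a server-chosen file name.
const ALLOWED_TYPES = ['image/gif' => 'gif', 'image/png' => 'png', 'image/jpeg' => 'jpg'];
const ALLOWED_EXTENSIONS = ['gif', 'png', 'jpg', 'jpeg'];

// Returns the extension to store the file under, or null to reject it.
function validateImageUpload(array $file): ?string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return null;
    }
    $tmp = $file['tmp_name'] ?? '';
    if ($tmp === '' || !is_file($tmp)) {
        return null;
    }
    // Client-supplied name: only its extension is consulted, against an allow-list.
    $claimedExt = strtolower(pathinfo($file['name'] ?? '', PATHINFO_EXTENSION));
    if (!in_array($claimedExt, ALLOWED_EXTENSIONS, true)) {
        return null;
    }
    // MIME type detected from the file contents, not from the request.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmp);
    if ($mime === false || !isset(ALLOWED_TYPES[$mime])) {
        return null;
    }
    // A file that merely starts with a GIF header but is not a valid image fails here.
    if (@getimagesize($tmp) === false) {
        return null;
    }
    return ALLOWED_TYPES[$mime];
}

// Store under a random name in a directory the web server does not execute.
function storeUpload(array $file, string $dir): ?string
{
    $ext = validateImageUpload($file);
    if ($ext === null) {
        return null;
    }
    $dest = rtrim($dir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
    // move_uploaded_file() refuses paths that did not arrive via HTTP POST.
    return move_uploaded_file($file['tmp_name'], $dest) ? $dest : null;
}

// Demonstration with constructed "uploads" written to temp files so it runs
// from the CLI (no real POST, so storeUpload() is not called here).
function fakeUpload(string $name, string $declaredType, string $bytes): array
{
    $tmp = tempnam(sys_get_temp_dir(), 'up');
    file_put_contents($tmp, $bytes);
    return ['name' => $name, 'type' => $declaredType, 'tmp_name' => $tmp,
            'error' => UPLOAD_ERR_OK, 'size' => strlen($bytes)];
}

$uploads = [
    // The article's case: .php name, header claims image/gif, body is not an image.
    'php name'  => fakeUpload('script.php', 'image/gif', 'plain text, not a GIF'),
    // Allowed name and claimed type, but the bytes are still not an image.
    'text body' => fakeUpload('picture.gif', 'image/gif', 'plain text, not a GIF'),
    // A genuine 1x1 transparent GIF (well-known standard bytes).
    'real gif'  => fakeUpload('pixel.gif', 'image/gif',
        base64_decode('R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7')),
];
foreach ($uploads as $label => $upload) {
    printf("%-10s weak=%s hardened=%s\n", $label,
        var_export(weakIsGif($upload), true),
        var_export(validateImageUpload($upload) !== null, true));
    unlink($upload['tmp_name']);
}
```

The weak check accepts all three because each request declares image/gif; the hardened check accepts only the real GIF. Note that even a valid image should be stored under a server-generated name in a location where the web server never executes files, which is what storeUpload() does.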
Good luck!