Hackers can change your passwords with this exploit..
Checkout AppMySite and convert your website to native mobile app in minutes!: https://www.appmysite.com/?ref=internal&tap_s=4294845-a20d74
In this video, I demonstrate Host Header Injection and how hackers exploit this vulnerability to reset passwords of users on a website.
DISCLAIMER: This video is intended only for educational purposes. The concepts showcased in this video are completely from a penetration testing perspective. I do not promote or encourage any illegal hacking activities.
Host header injection vulnerability exists when a website takes the Host value from the request header and processes it in an operation like construction the password reset URL for a user. When this happens, the request is directed to the attacker's server instead of the actual web server of the website.
In this video, I showcased this vulnerability on a retired HackTheBox machine called Forgot.
Check out this machine here: https://www.hackthebox.com/machines/forgot
Thanks for watching!
SUBSCRIBE for more videos!
Join my Discord: https://discord.gg/6TjBzgt
Follow me on Instagram: https://instagram.com/teja.techraj
Website: https://techraj156.com
Blog: https://blog.techraj156.com
Видео Hackers can change your passwords with this exploit.. канала Tech Raj
In this video, I demonstrate Host Header Injection and how hackers exploit this vulnerability to reset passwords of users on a website.
DISCLAIMER: This video is intended only for educational purposes. The concepts showcased in this video are completely from a penetration testing perspective. I do not promote or encourage any illegal hacking activities.
Host header injection vulnerability exists when a website takes the Host value from the request header and processes it in an operation like construction the password reset URL for a user. When this happens, the request is directed to the attacker's server instead of the actual web server of the website.
In this video, I showcased this vulnerability on a retired HackTheBox machine called Forgot.
Check out this machine here: https://www.hackthebox.com/machines/forgot
Thanks for watching!
SUBSCRIBE for more videos!
Join my Discord: https://discord.gg/6TjBzgt
Follow me on Instagram: https://instagram.com/teja.techraj
Website: https://techraj156.com
Blog: https://blog.techraj156.com
Видео Hackers can change your passwords with this exploit.. канала Tech Raj
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
PFB #10 - Type Conversion in JavaPFB #14 - Command Line Input in JavaPFB #23 - Conditional Statements in JavaHow to prevent Autolikers from using your Facebook Account[2015]PFB #22 - Logical and Comparison Operators in PythonPFB #13 - Arithmetic Operators in PythonSmoke Effect in Photoshop | Photo Manipulation TutorialPFB #20 - Logical and Comparison Operators4 Simple Ways To Remove the Background Of An ImageHow to Compress the Size of a Video File Without Loosing Its Quality [HandBrake] - 2016Create a Browser-based Hacking Lab for Pentesting (ParrotOS)How to Take Over a Website with Command Injection | HTB PhotobombLet's chat! | Coding Python Password Manager later..OSINT with Maltego - Leaking Confidential Information!The only video you need to understand BitcoinHow to setup a C&C server with Metasploit like a Hacker!How to actually make your Python code run faster?How to stay Anonymous on the Internet with Tails! (How Hackers do it!)An IDOR Vulnerability on INSTAGRAM! 49500$ Rewarded!Convert your Website into a Mobile App without Coding!Can you know when someone opened your Email? [Experiment]