Hackers can change your passwords with this exploit..
Checkout AppMySite and convert your website to native mobile app in minutes!: https://www.appmysite.com/?ref=internal&tap_s=4294845-a20d74
In this video, I demonstrate Host Header Injection and how hackers exploit this vulnerability to reset passwords of users on a website.
DISCLAIMER: This video is intended only for educational purposes. The concepts showcased in this video are completely from a penetration testing perspective. I do not promote or encourage any illegal hacking activities.
Host header injection vulnerability exists when a website takes the Host value from the request header and processes it in an operation like construction the password reset URL for a user. When this happens, the request is directed to the attacker's server instead of the actual web server of the website.
In this video, I showcased this vulnerability on a retired HackTheBox machine called Forgot.
Check out this machine here: https://www.hackthebox.com/machines/forgot
Thanks for watching!
SUBSCRIBE for more videos!
Join my Discord: https://discord.gg/6TjBzgt
Follow me on Instagram: https://instagram.com/teja.techraj
Website: https://techraj156.com
Blog: https://blog.techraj156.com
Видео Hackers can change your passwords with this exploit.. канала Tech Raj
In this video, I demonstrate Host Header Injection and how hackers exploit this vulnerability to reset passwords of users on a website.
DISCLAIMER: This video is intended only for educational purposes. The concepts showcased in this video are completely from a penetration testing perspective. I do not promote or encourage any illegal hacking activities.
Host header injection vulnerability exists when a website takes the Host value from the request header and processes it in an operation like construction the password reset URL for a user. When this happens, the request is directed to the attacker's server instead of the actual web server of the website.
In this video, I showcased this vulnerability on a retired HackTheBox machine called Forgot.
Check out this machine here: https://www.hackthebox.com/machines/forgot
Thanks for watching!
SUBSCRIBE for more videos!
Join my Discord: https://discord.gg/6TjBzgt
Follow me on Instagram: https://instagram.com/teja.techraj
Website: https://techraj156.com
Blog: https://blog.techraj156.com
Видео Hackers can change your passwords with this exploit.. канала Tech Raj
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
PFB #10 - Type Conversion in Java
PFB #14 - Command Line Input in Java
PFB #23 - Conditional Statements in Java![How to prevent Autolikers from using your Facebook Account[2015]](https://i.ytimg.com/vi/M8Tsw9FNWo8/default.jpg)
How to prevent Autolikers from using your Facebook Account[2015]
PFB #22 - Logical and Comparison Operators in Python
PFB #13 - Arithmetic Operators in Python
Smoke Effect in Photoshop | Photo Manipulation Tutorial
PFB #20 - Logical and Comparison Operators
4 Simple Ways To Remove the Background Of An Image![How to Compress the Size of a Video File Without Loosing Its Quality [HandBrake] - 2016](https://i.ytimg.com/vi/GJXH-aEZhWQ/default.jpg)
How to Compress the Size of a Video File Without Loosing Its Quality [HandBrake] - 2016
Create a Browser-based Hacking Lab for Pentesting (ParrotOS)
How to Take Over a Website with Command Injection | HTB Photobomb
Let's chat! | Coding Python Password Manager later..
OSINT with Maltego - Leaking Confidential Information!
The only video you need to understand Bitcoin
How to setup a C&C server with Metasploit like a Hacker!
How to actually make your Python code run faster?
How to stay Anonymous on the Internet with Tails! (How Hackers do it!)
An IDOR Vulnerability on INSTAGRAM! 49500$ Rewarded!
Convert your Website into a Mobile App without Coding!![Can you know when someone opened your Email? [Experiment]](https://i.ytimg.com/vi/NtVIslru8fo/default.jpg)
Can you know when someone opened your Email? [Experiment]