.png)
8 months ago
36 BOOK THIS SPACE FOR AD
ARTICLE ADStep one :
after a wild recon, I’m Searching active domain on httpx on this command
cat sub.txt|httpx --status-code --title -tdafter navigation on many URL find 5 domains to redirection example.com
now let's get checking and capturing Request on the first domain :
we found 2 request {308,307}on first domain for redirection on apex domain, but we have 308 status code withe first request no lest get try host header injection on this request .
We can see this request redirect Clint on another part lets follow this:
lest try for host header injection, maybe it's working 🤨
no we dont have any redirection we give 404 status code 😒 so never give up lest try back and testing first request 😈
good new we have 301 status code:) lets follow
follow and continue :
and boom 💥we are rediret on bing.com
ok but we have another domain like this request see my target rediction flow on this picture 👇:
note: first checking any testing redirection on your scope program for resolving on your report :)
and finally, we have 5 Host header Injection vulnerability on 5 different domains.
Conclusion:
This write-up serves not only to share my discovery with the security community but also to raise awareness about the importance of robust web application security. As we continue to navigate the digital landscape, collaboration between security researchers and organizations becomes crucial to fortifying our online defenses.
Stay tuned for updates on the resolution of these vulnerabilities. Your feedback and insights are highly appreciated as we collectively strive to create a more secure online environment.
Happy hacking responsibly!
Best regards, Matin
Bengali (Bangladesh) · 
English (United States) ·