Hconin Spoofing HTTP Headers - Hcon Security Testing Framework et us do that using Hon%T&, %ee the location in the i!age and right clic$ on the icon by using this we will add custo! headers into the http request which will!isguide the server.
Hconin Spoofing HTTP Headers - Hcon Security Testing Framework et us do that using Hon%T&, %ee the location in the i!age and right clic$ on the icon by using this we will add custo! headers into the http request which will!isguide the server.
Hconin Spoofing HTTP Headers - Hcon Security Testing Framework et us do that using Hon%T&, %ee the location in the i!age and right clic$ on the icon by using this we will add custo! headers into the http request which will!isguide the server.
using Hcon Security Testing Framework By Ashish Mistry www.Hcon.in By: Ashish Mistry Hconin Spoofing HTTP Headers - Hcon Security Testing Framework Whenever we visit any site or use web application, we request data by sending HTTP requests to the server. This HTTP requests uses different HTTP headers. ne interesting thing about this headers is that so!e of the! reveals your "P address to the server by sending it in the HTTP headers. The responsible headers for this are, But instead of revealing the infor!ation or #ust !a$ing it blan$ and sending it to the server, we can spoof it and use any "P to send it to server easily by Hcon%T&. By: Ashish Mistry Hconin X-Forwarded-For ' %hows origin of the request sender or even fro! any HTTP pro(y Client-IP ) %hows the "P of the request sender Via ' %ends "P address of pro(ies used Spoofing HTTP Headers - Hcon Security Testing Framework *et us do that using Hon%T&, %ee the location in the i!age and right clic$ on the icon By using this we will add custo! headers into the HTTP request which will !isguide the server. By: Ashish Mistry Hconin Spoofing HTTP Headers - Hcon Security Testing Framework *ets we configure it to use the custo! headers we want. +ight clic$ the icon and open Preferences we can configure it to use, +ando! range of "P Address Provide a list of "P address to use By: Ashish Mistry Hconin Spoofing HTTP Headers - Hcon Security Testing Framework ,ow lets configure as we want and activate tool and see the results
-. We will going to use all the headers to send so selecting all the type of HTTP headers .. /hoosing the rando! "P address range and adding range fro! 0.0.0.0 to -1.-1.-1.-1 2. lets now save it by 3 and activate the configurations by #ust clic$ing on the icon, it will turn dar$. By: Ashish Mistry Hconin Spoofing HTTP Headers - Hcon Security Testing Framework ,ow to test it #ust refresh the page and open the Header reader as shown in the first i!age. By: Ashish Mistry Hconin Spoofing HTTP Headers - Hcon Security Testing Framework *ets test the configuration we done and see if it is wor$ing or not, open HTTP headers now ,eed any help further on this 4 5 http566www.Hcon.in6co!!unity.ht!l /hec$out other Help 7ocu!ents at 5 http566www.Hcon.in6hconstf)docs.ht!l By: Ashish Mistry Hconin