Completed
How implementations handle requests with space-surrounded Host Header?
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Host of Troubles - Multiple Host Ambiguities in HTTP Implementations
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Multiparty interactions in current Internet
- 3 Previous works about ambiguity
- 4 How HTTP requests are processed
- 5 Host - A critical HTTP field
- 6 Technique 1: Multiple Host header
- 7 How do implementations handle requests with multiple Host header?
- 8 How implementations handle requests with space-surrounded Host Header?
- 9 Absolute-URI as request-target
- 10 How do different implementations handle absolute-URI?
- 11 Attacks exploiting host ambiguity
- 12 Cache poisoning Co- hosting website
- 13 Cache poisoning Co-CDN website
- 14 Cache poisoning any HTTP website CVE-2016-4553
- 15 Firewall bypass
- 16 WAF bypass
- 17 How Prevalent are Upstream/Downstream vulnerabilities?
- 18 Outline
- 19 Measurement set up
- 20 Execution of test cases
- 21 Measurement results
- 22 Mitigation
- 23 A test in my phone's network
- 24 Discussion