
Because HTTP headers can originate from a Web browser, an attacker can modify th


Question

Because HTTP headers can originate from a Web browser, an attacker can modify the headers (called HTTP header manipulation) to create an attack. Although Web browsers do not normally allow HTTP header modification, Web services are available that allow data from a browser to be modified. One type of HTTP header attack manipulates the Referer field. Follow the steps below to modify a Referer field.

Use your Web browser to go to www.httpdebugger.com/tools/ViewHttpHeaders.aspx to access the MadeForNet HTTP debugger.

For the HTTP(s) URL field, enter "http://www.course.com"

For the Content Type field, enter "text/html"

For the Referer field, enter "http://www.google.com". This will change the referer from this current site to another site.

Click Submit. Note that the Referer field has changed.

How could an attacker use this in an HTTP header attack? Write your response, in approximately 200 words, in the submission area below.

Explanation / Answer

An HTTP header attack is also known as a web application security vulnerability.

HTTP is based on the request and response system of the web application, so HTTP requests and responses have the HTTP header as a component of theirs. The header files are transferred each and every time a request and response are made on the server. The header file can carry extra data regarding these responses and requests as well.

So this vulnerability only happens where user-based input is taken.

Now, how does an attacker use this vulnerability? HTTP supports the following methods:

1. HEAD

2. GET

3. POST

4. PUT

5. DELETE

6. TRACE

7. OPTIONS

8. CONNECT

They use the PUT (payload) method when the request and response are made. This means they put the extra data, or whatever they want to send, in the header and send the data to the server. They can use the PUT or DELETE method to implement the webpage.

PUT: this method is used to send the payload to the server.

DELETE: this method is used for deleting the file on the server.

This can be done by the following method ------------------

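Why a server should not base a decision on the Referer value that the steps in the question rewrite, shown as an added example that is not part of the original question or answer: a Referer-based check beside one that verifies a server-issued token. The key, the `X-Request-Token` header name, the trusted prefix and the sample requests are assumptions constructed for illustration.

```python
import hashlib
import hmac

# Constructed demo key; a real service would load this from a secret store.
SERVER_KEY = b"constructed-demo-key"
# Hypothetical policy: treat requests "coming from" the site's own pages as trusted.
TRUSTED_REFERER_PREFIX = "http://www.course.com/"


def referer_gate(headers):
    """Weak check: trusts the Referer header, which the client fully controls."""
    return headers.get("Referer", "").startswith(TRUSTED_REFERER_PREFIX)


def issue_token(session_id):
    """Server side: bind a token to the session with an HMAC only the server can compute."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def token_gate(headers, session_id):
    """Hardened check: ignores Referer and verifies the server-issued token."""
    presented = headers.get("X-Request-Token", "").encode()
    expected = issue_token(session_id).encode()
    # Constant-time comparison avoids leaking how many characters matched.
    return bool(session_id) and hmac.compare_digest(presented, expected)


def evaluate(headers, session_id):
    """Run both checks on the same request so the difference is visible."""
    return {
        "referer_gate": referer_gate(headers),
        "token_gate": token_gate(headers, session_id),
    }


# Constructed sample requests (header dictionaries only, no network traffic).
SESSION = "sess-1234"
SAMPLES = {
    # Normal browser request from the site's own page, carrying the issued token.
    "legitimate": {"Referer": "http://www.course.com/account",
                   "X-Request-Token": issue_token(SESSION)},
    # Referer typed in by hand, as in the debugger form; no valid token.
    "rewritten_referer": {"Referer": "http://www.course.com/account"},
    # Genuine user whose proxy or privacy setting strips the Referer header.
    "referer_stripped": {"X-Request-Token": issue_token(SESSION)},
}

if __name__ == "__main__":
    for name, headers in SAMPLES.items():
        print(name, evaluate(headers, SESSION))
```

The Referer check both accepts the hand-edited request and rejects the genuine user whose Referer was stripped, while the token check gets both cases right.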