Attacking Password Resets with Host Header Injection

IppSec · Beginner ·📰 AI News & Updates ·3y ago

00:00 - Introduction talking a little bit about 00:55 - Using Extension to show a legitimate password reset 01:50 - Modifying the host header and showing the website uses that in the sent email 02:40 - Talking about mail filters auto-clicking links, which means user interaction isn't always required 03:30 - Sending a password reset to one of my personal emails, to show a mail filter auto clicks the link 04:40 - Got our click! Checking the IP Address to show it was a bot 06:00 - Showing how easy this vulnerability can occur by having OpenAI Build us code! 07:45 - Verifying the code was indeed vulnerable 08:45 - Asking the AI ways to protect against this type of attack, the best way is to put a whitelist on valid domains used to generate password reset links 10:37 - Talking about the other ways to protect against this attack

Watch on YouTube ↗ (saves to browser)

Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →

HHC2016 - Analytics

HHC2016 - Analytics

HackTheBox - October

HackTheBox - October

HackTheBox - Arctic

HackTheBox - Arctic

HackTheBox - Brainfuck

HackTheBox - Brainfuck

HackTheBox - Bank

HackTheBox - Bank

HackTheBox - Joker

HackTheBox - Joker

HackTheBox - Lazy

HackTheBox - Lazy

Camp CTF 2015 - Bitterman

Camp CTF 2015 - Bitterman

HackTheBox - Devel

HackTheBox - Devel

Reversing Malicious Office Document (Macro) Emotet(?)

Reversing Malicious Office Document (Macro) Emotet(?)

HackTheBox - Granny and Grandpa

HackTheBox - Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Optimum

HackTheBox - Optimum

HackTheBox - Charon

HackTheBox - Charon

HackTheBox - Sneaky

HackTheBox - Sneaky

HackTheBox - Holiday

HackTheBox - Holiday

HackTheBox - Europa

HackTheBox - Europa

Introduction to tmux

Introduction to tmux

HackTheBox - Blocky

HackTheBox - Blocky

HackTheBox - Nineveh

HackTheBox - Nineveh

HackTheBox - Jail

HackTheBox - Jail

HackTheBox - Blue

HackTheBox - Blue

HackTheBox - Calamity

HackTheBox - Calamity

HackTheBox - Shrek

HackTheBox - Shrek

HackTheBox - Mirai

HackTheBox - Mirai

HackTheBox - Shocker

HackTheBox - Shocker

HackTheBox - Mantis

HackTheBox - Mantis

HackTheBox - Node

HackTheBox - Node

HackTheBox - Kotarak

HackTheBox - Kotarak

HackTheBox - Enterprise

HackTheBox - Enterprise

HackTheBox - Sense

HackTheBox - Sense

HackTheBox - Minion

HackTheBox - Minion

VulnHub - Sokar

VulnHub - Sokar

VulnHub - Pinkys Palace v2

VulnHub - Pinkys Palace v2

HackTheBox - Inception

HackTheBox - Inception

Vulnhub - Trollcave 1.2

Vulnhub - Trollcave 1.2

HackTheBox - Ariekei

HackTheBox - Ariekei

HackTheBox - Flux Capacitor

HackTheBox - Flux Capacitor

HackTheBox - Jeeves

HackTheBox - Jeeves

HackTheBox - Tally

HackTheBox - Tally

HackTheBox - CrimeStoppers

HackTheBox - CrimeStoppers

HackTheBox - Fulcrum

HackTheBox - Fulcrum

HackTheBox - Chatterbox

HackTheBox - Chatterbox

HackTheBox - Falafel

HackTheBox - Falafel

How To Create Empire Modules

How To Create Empire Modules

HackTheBox - Nightmare

HackTheBox - Nightmare

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Bart

HackTheBox - Bart

HackTheBox - Aragog

HackTheBox - Aragog

HackTheBox - Valentine

HackTheBox - Valentine

HackTheBox - Silo

HackTheBox - Silo

HackTheBox - Rabbit

HackTheBox - Rabbit

HackTheBox - Celestial

HackTheBox - Celestial

HackTheBox - Stratosphere

HackTheBox - Stratosphere

HackTheBox - Poison

HackTheBox - Poison

HackTheBox - Canape

HackTheBox - Canape

HackTheBox - Olympus

HackTheBox - Olympus

HackTheBox - Sunday

HackTheBox - Sunday

HackTheBox - Fighter

HackTheBox - Fighter

HackTheBox - Bounty

HackTheBox - Bounty

Related AI Lessons

Meta announced major job cuts, spends billions on AI

Meta announces major job cuts and billions spent on AI, sparking concerns about job security

DeepSeek made its 75% discount permanent. The AI price war just escalated.

DeepSeek makes its 75% discount permanent, escalating the AI price war with significantly lower pricing than competitors like OpenAI

The Next Web AI

Anthropic's Milan Move: Italian AI's Moment of Truth

Anthropic's move to Milan marks a pivotal moment for Italian AI, redefining Europe's tech future

Dev.to · Gian Paolo

Big fears in Big Tech sector over Artificial Intelligence job losses

Big Tech faces job losses due to Artificial Intelligence, learn how to adapt and thrive in this changing landscape

Chapters (10)

Introduction talking a little bit about

0:55 Using Extension to show a legitimate password reset

1:50 Modifying the host header and showing the website uses that in the sent email

2:40 Talking about mail filters auto-clicking links, which means user interaction i

3:30 Sending a password reset to one of my personal emails, to show a mail filter a

4:40 Got our click! Checking the IP Address to show it was a bot

6:00 Showing how easy this vulnerability can occur by having OpenAI Build us code!

7:45 Verifying the code was indeed vulnerable

8:45 Asking the AI ways to protect against this type of attack, the best way is to

10:37 Talking about the other ways to protect against this attack

Claude Opus 4.8 Leaked, GPT 5.6 Spotted, Mythos 1 Preview, & Deepseek v4 Pro UPDATE! AI NEWS