Http_referer
Results 1 to 4 of 4

Thread: Http_referer

  1. #1
    Banned
    Join Date
    Mar 2003
    Posts
    21

    Http_referer

    I am preparing a technical paper presentation on web attacks which includes almost everything about web attacks firewall bypassing process injection and so on.
    But have some problems in understanding HTTP_REFERER spoofing techniques i tried searching google but can't find much of interest there and RFC 2616 isn't helping me at all.
    i will appriciate any help or link.

  2. #2
    well, its so easy, get a tool like burpproxy at www.portswigger.net and see what is sent to the server when you request for a webpage, on of the things is the referer (the page you came from before you entered this page), now with referer spoofing it is like changing that page to the one desired by that application in order to get access to something. that's all...

    here is an example:

    connect to www.antionline.com via telnet or via the burpproxy...

    this is what something like what you should see with burpproxy, or what you'd have to type with telnet:

    GET /showthread.php?s=&threadid=260086 HTTP/1.0
    User-Agent: mozilla/4.0(compatible MSIE6.0; Windows NT5.1;Linux)
    Host: www.antionline.com
    Referer: www.antionline.com/index.html
    Cookie:

    and a lot more, but the point is the referer string, with a tool like burpproxy you can change it before it is sent to the server...

    hope this clears things...

  3. #3
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    to put it in other words and other tools for that matter

    there's still a few sites that still assume that you,ve been authenticated if your header lists their site as the referer. the logic being if you've got the referer tag fom a page you need authentication to view you must be authenticated. catching your outgoing header before its sent, with something like achellies allows you to make these changes and then send the request with the altered data. hope that helps
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  4. #4
    Banned
    Join Date
    Mar 2003
    Posts
    21
    Oh yes i get it now.i think i can make my way from here.thanks guys

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •