Skip to content
/ headi Public

Customisable and automated HTTP header injection

Notifications You must be signed in to change notification settings

mlcsec/headi

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

43 Commits
 
 
 
 
 
 
 
 

Repository files navigation

headi

Customisable and automated HTTP header injection. Example run from the HTB machine Control:

InsecureSkipVerify is not currently configured, if you want to disable security checks then feel free to uncomment crypto/tls in the imports and the TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, lines in http transport configuration and then build locally.


Install

go install github.com/mlcsec/headi@latest

Or from git:

git clone https://github.com/mlcsec/headi.git
make before.build
make build.headi
sudo mv headi /usr/local/bin

Headers

Injects the following HTTP headers:

  • Client-IP
  • Connection
  • Contact
  • Forwarded
  • From
  • Host
  • Origin
  • Referer
  • True-Client-IP
  • X-Client-IP
  • X-Custom-IP-Authorization
  • X-Forward-For
  • X-Forwarded-For
  • X-Forwarded-Host
  • X-Forwarded-Server
  • X-Host
  • X-HTTP-Host-Override
  • X-Original-URL
  • X-Originating-IP
  • X-Real-IP
  • X-Remote-Addr
  • X-Remote-IP
  • X-Rewrite-URL
  • X-Wap-Profile

An initial baseline request is made to gauge the normal response for the target resource. Green indicates a change in the response and red no change. [+] and [-] respectively.


Usage

Two options for HTTP header injection:

  1. Default payloads (127.0.0.1, localhost, etc.) are injected into the headers mentioned above
  2. Custom payloads can be supplied (e.g. you've enumerated some internal IPs or domains) using the pfile parameter
$ headi
Usage:
  headi -u https://target.com/resource
  headi -u https://target.com/resource -p internal_addrs.txt

Options:
  -p, --pfile <file>       Payload File
  -t, --timeout <millis>   HTTP Timeout
  -u, --url <url>          Target URL

Currently only takes one URL as input but you can easily bash script for numerous URLs like so:

$ for i in $(cat urls); do headi -url $i;done

About

Customisable and automated HTTP header injection

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •