HTTP Parameter Pollution
HTTP Parameter Pollution (HPP) vulnerabilities allow attackers to exploit web applications by manipulating the query parameters in the URL and requested body which causes the Cross Site Scripting or Privilege Escalation or bypass Authorization.
HTTP Parameter Pollution affects both Server side as well as Client Side components as it is injecting additional/multiple parameters (i.e. GET/POST/Cookie) to the links, tags, attributes.
HTTP Parameter Pollution attacks may add parameters or overwrite the existing parameters variables by injecting query string delimiters into existing HTTP parameters.
If exploited it can be launched from Client Side or server side attacks.
Modal:
- First we need one vulnerable web application. In this tutorial i am working with bWAPP web application. If you need bWAPP you can download here https://sourceforge.net/projects/bwapp/ .
- HTTP Parameter Pollution is possible most of the time in URL based.
- Do this, you just submit the form in web page, After submit see the URL. For example current URL is “http://localhost/work/bWAPP_latest/bWAPP/hpp-3.php?movie=9&name=vegabird&action=vote”. Here you got 3 parameters.Now you copy the same URL and change it like “http://localhost/work/bWAPP_latest/bWAPP/hpp-3.php?movie=9&name=vegabird&action=vote&movie=2” then past it your URL section and run it. if here possible of HTTP Parameter Pollution then it will work.
Prevention of HTTP Parameter Pollution:
- Keep in mind that your web application validates all forms, headers, cookie fields, hidden fields, and parameters, i.e. input validation.
- Accept parameters only where they are supposed to be supplied.
- HTTP Parameter Pollution server side, it’s always important to use URL encoding whenever you do GET/POST HTTP requests to an HTTP back-end.
- From the client-side point of view, use URL encoding whenever you are going to include user-supplied content within links, etc.
Related Articles
Web security issues you need to be concerned
1. SQL Injection (SQLi) The SQL injection is the most common web security issue faced by most of the companies. An SQL injection is the injection attack where hackers can input malicious SQL queries to pull sensitive data from the database. These SQL ...RESTAPI Vulnerability Scanner
Hi, This post is regarding VOOKI – RESTAPI Vulnerability Scanner. Before you learn about RESTAPI Vulnerability Scanner. You need to learn few things please read below. First, we learn about what is Web Service? WEB SERVICE: A web service is a ...How to use burp suite with android mobile
Hi, This post is regarding How to use burp suite with android mobile. Step 1: Open Settings and click Wi-Fi in your mobile. Step 2 : Click on Wi-Fi and Long press on your Connected Network (here TP-LICK_720C). Step 3 : Click on Modify network. Step 4 ...command injection
Hi, This post is regarding Command Injection. Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application ...insecure deserialization – xvna
Hi, This post is regarding How to find Insecure deserialization in XVNA. Since many apps that accept serialized objects do not validate or check untrusted input before deserializing it, attackers can inject malicious objects into a data stream and ...