C
C#11mo ago
crypto

Trying to manipulate the host header in C#

I can do it in python or other languages but I am trying to adopt C# for all my exploit developments. I am writing a PoC for a security bug and it requires me to modify the host header so that it overflows on the server. But it seems there is a maximum limit of 256 characters for host header in HttpClient itself. Here is the snippet: 
using(HttpClient client = new HttpClient())
{
    HttpRequestMessage request = new() {
         RequestUri = new Uri($"http://{TARGET}/"),
         Method = HttpMethod.Get,
    };

    request.Headers.Host = new string('a', 3000);
    await client.SendAsync(request);
}
using(HttpClient client = new HttpClient())
{
    HttpRequestMessage request = new() {
         RequestUri = new Uri($"http://{TARGET}/"),
         Method = HttpMethod.Get,
    };

    request.Headers.Host = new string('a', 3000);
    await client.SendAsync(request);
}
This will throw an exception with message The specified value is not a valid 'Host' header string.. Is any way to set host header to very long strings in HttpClient? If not, is there any alternative in C#?
4 Replies
Scratch
Scratch11mo ago
are you running this against target hosts that you control or have permission for?
crypto
cryptoOP11mo ago
yes I am testing against my own instance
Omnissiah
Omnissiah11mo ago
if you are in http you could just open a socket and send some text
crypto
cryptoOP11mo ago
Yes, haha why didn't I think of it. Thanks!
Want results from more Discord servers?
Add your server