Trying to manipulate the host header in C#

I can do it in python or other languages but I am trying to adopt C# for all my exploit developments. I am writing a PoC for a security bug and it requires me to modify the host header so that it overflows on the server. But it seems there is a maximum limit of 256 characters for host header in HttpClient itself. Here is the snippet:

using(HttpClient client = new HttpClient())
{
    HttpRequestMessage request = new() {
         RequestUri = new Uri($"http://{TARGET}/"),
         Method = HttpMethod.Get,
    };

    request.Headers.Host = new string('a', 3000);
    await client.SendAsync(request);
}

using(HttpClient client = new HttpClient())
{
    HttpRequestMessage request = new() {
         RequestUri = new Uri($"http://{TARGET}/"),
         Method = HttpMethod.Get,
    };

    request.Headers.Host = new string('a', 3000);
    await client.SendAsync(request);
}

This will throw an exception with message

 The specified value is not a valid 'Host' header string.

 The specified value is not a valid 'Host' header string.

. Is any way to set host header to very long strings in HttpClient? If not, is there any alternative in C#?

C#•3y ago•

4 replies

ivxenog

Trying to manipulate the host header in C#

using(HttpClient client = new HttpClient())
{
    HttpRequestMessage request = new() {
         RequestUri = new Uri($"http://{TARGET}/"),
         Method = HttpMethod.Get,
    };

    request.Headers.Host = new string('a', 3000);
    await client.SendAsync(request);
}

using(HttpClient client = new HttpClient())
{
    HttpRequestMessage request = new() {
         RequestUri = new Uri($"http://{TARGET}/"),
         Method = HttpMethod.Get,
    };

    request.Headers.Host = new string('a', 3000);
    await client.SendAsync(request);
}

This will throw an exception with message

 The specified value is not a valid 'Host' header string.

 The specified value is not a valid 'Host' header string.

. Is any way to set host header to very long strings in HttpClient? If not, is there any alternative in C#?

Trying to manipulate the host header in C#

Similar Threads

Trying to manipulate the host header in C#

Similar Threads

Similar Threads

Similar Threads