Host Header Attack : Cache Poisoning

Please refer Host Header Attack previous post before reading this one

Steps to perform Cache Poisoning Attack:

1. Find URL in burp suite having status code 2xx | 3xx.

2. After intercepting the website, send it to intruder and change host to any website (Eg: Bing.com).

3. Click go and search in response for the website you have entered(Eg: here bing).

4. If found, Right-click where you changed the host name and click on "show response in browser".

5. Try every clickable item on the webpage, if it is getting redirected to a website( which you have entered in the host field) then there is a vulnerability.