Spoofing the Referer during a Web Request

by Robert Chartier by Robert Chartier

Contributed by aspfree
Rating: / 11
February 15, 2001

Rate this Article:
MEH MEH++

SEARCH ASP FREE

See Also:

Implement Gzip and Deflate Compression in ASP.Net

Secure Audio Streaming with ASP.Net and Flash

Dynamic Sitemap and Navigation in ASP.Net

ASP.NET Export to Excel and Word using VB.NET and C#

TOOLS YOU CAN USE

advertisement

This is accomplished fairly easily. During the communication from the client to the server when it makes a simple GET request from the server, there are headers which are optionally sent with that request. One of these headers is the "Referer" header.

Give this a shot, and see how easy it is to spoof the Referer during a Web Request:
0. Start, Run, Telnet <enter>
1. Terminal, Preferences...
2. Make sure that "Local Echo" is checked
3. Connect, Remote System...
4. Host Name: www.learnasp.com
5. Port: 80
6. <connect>
7.
8.
9.
10. Type in (exactly):
11. GET /learn/test/servereach.asp HTTP/1.1<enter>
12. Host: www.learnasp.com<enter>
13. Referer: http://www.aspfree.com/devlinks<enter><enter>
14.
15.

If you type it in correctly, you should see the response from the server in the form of HTML. You should notice right away that it reports the HTTP_REFERER:http://www.aspfree.com/devlinks. Now try the exact same thing, but change te Referer to anything you wish. Notice the ouput of the page also changes to reflect this new referer.

Bottom line, never trust the Referer server variable.

References:

Copy Source:
Start, Run, Telnet <enter>Terminal, Preferences...Make sure that "Local Echo" is checked Connect, Remote System...Host Name: www.learnasp.comPort: 80<connect>Type in (exactly):GET /learn/test/servereach.asp HTTP/1.1<enter>Host: www.learnasp.com<enter>Referer: http://www.aspfree.com/devlinks<enter><enter>

blog comments powered by Disqus