Welcome to eLearnSecurity Community

Once logged in as a eLearnSecurity student, you will be able to contribute to this site by submitting your own content or replying to existing content. You'll be able to customize your profile, receive reputation points as a reward for submitting content, while also communicating with other members via your own private inbox, plus much more! This message will be removed once you have signed in.
 
If you are not an eLearnSecurity student yet, give a look at our awesome IT Security courses.

kristoffersantiago

brainXploit 10: Vulnerability hunt 2

' '  inside of " " ,not " " inside of other " " ?

Share this post


Link to post
Share on other sites

According to the SOURCE: Microsoft Secure Blog, a quick search on Google with the following keywords reveals a few interesting links.

 

"regular expression" "microsoft secure blog"

Found links:

The first link presents SDL Regex Fuzzer, a tool of Microsoft from the SDL Tools suite.

In the article of the second link, it is mentioned that:

Quote

The subexpression (\.[a-zA-Z0-9\-\._]+){2,} in the pattern contains a grouping expression with repetition (\.[a-zA-Z0-9\-\._]+) that is itself repeated via the expression {2,}. The worst-case operation time for such a regex construction is exponential time O(2n)O(2n), and this could allow an attacker to craft a relatively short input value that would hang the application in an exponential processing loop.

The given regular expression is susceptible to a ReDoS attack (Regular expression DoS). This can be tested with the "SDL Regex Fuzzer" tool of Microsoft.

This can be tested with SDL Regex Fuzzer like in the following screenshot :

brainXploit-10-test.thumb.png.118f73a5210cee100a70e7a96c828f04.png

The answer is thus that this code is susceptible to ReDoS attack.

1 person likes this

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now