Jump to content
kristoffersantiago

brainXploit 10: Vulnerability hunt 2

Recommended Posts

morfal

According to the SOURCE: Microsoft Secure Blog, a quick search on Google with the following keywords reveals a few interesting links.

 

"regular expression" "microsoft secure blog"

Found links:

The first link presents SDL Regex Fuzzer, a tool of Microsoft from the SDL Tools suite.

In the article of the second link, it is mentioned that:

Quote

The subexpression (\.[a-zA-Z0-9\-\._]+){2,} in the pattern contains a grouping expression with repetition (\.[a-zA-Z0-9\-\._]+) that is itself repeated via the expression {2,}. The worst-case operation time for such a regex construction is exponential time O(2n)O(2n), and this could allow an attacker to craft a relatively short input value that would hang the application in an exponential processing loop.

The given regular expression is susceptible to a ReDoS attack (Regular expression DoS). This can be tested with the "SDL Regex Fuzzer" tool of Microsoft.

This can be tested with SDL Regex Fuzzer like in the following screenshot :

brainXploit-10-test.thumb.png.118f73a5210cee100a70e7a96c828f04.png

The answer is thus that this code is susceptible to ReDoS attack.

  • Like 1

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now

×