ReDoS Vulnerability

SHYAM PRASATH S
3 min read, Aug 19, 2021


==> DoS (Denial of Service): continuous requests flood the server until it hangs or crashes.

==> ReDoS: a similar attack carried out through regular expressions (using constructs like +, (), *, etc.).

==> With regular expressions we can match a character or a group multiple times.

==> If the regular-expression implementation hits an extreme case, it works very slowly, so a single input can make your machine hang for a very long time.

==> The regex native algorithm (also written as the regex naïve algorithm): for each pair of state and input there can be several possible next states, so the engine has a set of paths it may follow.

“This algorithm tries one by one all possible paths until a match is found”.

If the input fails to match, the engine goes back to earlier positions where it could take a different path. This is called backtracking.
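As an added example (not from the original post), the script below shows both sides of this in Python: a static lint that flags the nested-quantifier shape that makes backtracking explode, and a timer that measures how the match cost grows with input length. It assumes the textbook pattern `(a+)+$` from the OWASP page linked in the references, with `a+$` as the hardened rewrite; the constant names and helper functions are mine.

```python
import re
import time

try:  # Python 3.11+ keeps the regex parser in the private module re._parser
    from re import _parser as sre_parse
except ImportError:  # Python 3.10 and older
    import sre_parse


def has_nested_quantifier(pattern: str) -> bool:
    """Static check: flag a repeated group that itself contains a repeat,
    e.g. (a+)+ or (\\w+\\s?)*. That shape lets the backtracking engine try
    exponentially many ways to split one input. Heuristic only: it does
    not catch overlapping alternations such as (a|aa)+."""
    def walk(items, inside_repeat):
        for op, arg in items:
            if op in (sre_parse.MAX_REPEAT, sre_parse.MIN_REPEAT):
                _lo, hi, sub = arg
                if inside_repeat and hi > 1:
                    return True
                if walk(sub, inside_repeat or hi > 1):
                    return True
            elif op == sre_parse.SUBPATTERN:
                if walk(arg[-1], inside_repeat):  # last field is the body
                    return True
            elif op == sre_parse.BRANCH:
                if any(walk(alt, inside_repeat) for alt in arg[1]):
                    return True
        return False
    return walk(sre_parse.parse(pattern), False)


def match_seconds(pattern: str, text: str) -> float:
    """Dynamic check: wall-clock cost of a single match attempt."""
    start = time.perf_counter()
    re.match(pattern, text)
    return time.perf_counter() - start


if __name__ == "__main__":
    VULNERABLE = r"(a+)+$"  # nested quantifier (textbook OWASP example)
    HARDENED = r"a+$"       # accepts the same strings, no nested repeat
    for pat in (VULNERABLE, HARDENED):
        print(pat, "nested quantifier:", has_nested_quantifier(pat))
        for n in (8, 12, 16):
            # the trailing "!" forces a failed match, so every split is tried
            print(f"  n={n:2d}  {match_seconds(pat, 'a' * n + '!'):.4f}s")
```

The vulnerable pattern roughly doubles its time with every extra character, while the hardened one stays flat; running the lint over your own patterns in a pre-commit hook is a cheap first defence.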

::Risk Factors:: ==> On the web, regular expressions are used in every layer ((client side -> proxy -> IPS -> web app -> database)). This means one vulnerable expression can turn into an attack on the web database and on the web application firewall as well, so the whole request path hangs for a time, although it does recover afterwards.

Example attack expressions: 😁 I don’t want to type them here; reference links are shared at the end.

{{ Situation of a ReDoS attack }}

A researcher was working on a bug bounty exercise for an eCommerce company that uses AWS Lambda serverless services.

==> He found a ReDoS vulnerability that can result in AWS charging you for additional Lambda usage.

==> AWS Lambda is a serverless service; everything underneath it is managed by the cloud provider.

==> His first task was to find where the application is hosted.

==> He found it was hosted on S3/AWS.

==> He found an application-level DoS, which can cause additional charges to the organisation based on AWS Lambda pricing.

==> That is, he entered regular-expression input in the username field and got a 503 error, meaning it caused a DoS on AWS itself; when this is automated, it is called ReDoS.

To tackle these attacks and find the vulnerabilities, “a research team led by Prof. Chen Haiming from the Institute of Software of the Chinese Academy of Sciences developed a high-performance detection tool for ReDoS vulnerability”.

The team identified the conditions and patterns behind the vulnerability and designed the ReDoSHunter tool around them, so it can detect such expressions accurately.

As they said, “It detects the publicly-confirmed practical vulnerabilities in Common Vulnerabilities and Exposures (CVE).” The CVE is also attached in the references.

::::References::::

Basics of regular expressions: https://www.geeksforgeeks.org/write-regular-expressions/

About the ReDoS vulnerability: https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS

AWS vulnerability example: https://medium.com/@ddigvijay/how-to-secure-aws-serverless-lambda-from-redos-regular-expression-denial-of-service-resultant-12f0401118cd

CVE in ExploitDB: https://www.exploit-db.com/papers/38149 (a research paper is available there for learning the details).

News about the ReDoSHunter detection tool: https://techxplore.com/news/2021-08-high-performance-tool-redos-vulnerability.html
