AttackFlow Findings Dictionary


Resource Denial of Service

The attacker can force the application into a denial of service state

Severity

Critical

Fix Cost

Low

Trust Level

High

The most damaging denial of service attacks are asymmetric: the attacker spends very few resources of their own but creates a large resource shortage on the target application, preventing legitimate users from using it normally.

APIs that deal with file systems, networking, processing capacity, storage, or any other critical resource should not be fed directly by untrusted user input without a whitelist validation strategy applied first.

The code below accepts a parameter from an untrusted user and uses it as the interval of a sleep operation. An attacker can hang one or more request threads for a very long time by sending a large number; with enough such requests in parallel the worker thread pool is exhausted and legitimate requests are no longer served.

using System.Net;
using System.Net.Http;
using System.Threading;
using System.Web.Http;

public class ItemsController : ApiController
{
    [HttpPost]
    public HttpResponseMessage Post(Item item)
    {
        // send item for processing
        // wait for a while for processing status
        // client may override the polling time
        // VULNERABLE: item.pollSeconds is bound straight from the request body
        // and is never validated; a large value pins this worker thread for
        // hours or days while the loop waits
        while (!ProcessingService.IsComplete(item))
        {
            Thread.Sleep(item.pollSeconds * 1000);
        }

        return Request.CreateResponse(HttpStatusCode.OK);
    }
    ...
}

The same pattern in Java (Spring MVC):

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

@Controller
public class ItemsController
{
    @RequestMapping(method = RequestMethod.POST)
    public String post(Item item) throws InterruptedException
    {
        // send item for processing
        // wait for a while for processing status
        // client may override the polling time
        // VULNERABLE: item.pollSeconds comes from the request and is never
        // validated; a large value keeps this request thread asleep for days
        while (!ProcessingService.isComplete(item))
        {
            Thread.sleep(item.pollSeconds * 1000);
        }
        return "processed";
    }
    ...
}
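The same polling loop in hardened form, as an added example that is not part of the AttackFlow page or product: the client-supplied interval is checked against a whitelist of permitted values (anything else falls back to a server default), and the whole wait is bounded by a deadline, so one request can never pin a worker thread indefinitely no matter what number the client sends. Item and ProcessingService are stand-ins modelled inline (assumptions), and the framework annotations are omitted so the class compiles and runs with plain javac/java (Java 9 or later for Set.of).

```java
import java.time.Duration;
import java.util.Set;

// Added example, not AttackFlow's or the page's code. Item and ProcessingService
// are simplified stand-ins (assumptions) for the types used in the snippets above.
public class SafePolling {

    // Whitelist: the only poll intervals a client may request, in seconds.
    private static final Set<Integer> ALLOWED_POLL_SECONDS = Set.of(1, 2, 5);
    private static final int DEFAULT_POLL_SECONDS = 2;
    // Hard ceiling on how long one request may occupy a worker thread.
    static final Duration MAX_TOTAL_WAIT = Duration.ofSeconds(10);

    static final class Item {
        final String id;
        final Integer pollSeconds; // nullable: the client may omit it
        Item(String id, Integer pollSeconds) { this.id = id; this.pollSeconds = pollSeconds; }
    }

    // Stand-in for the real service: reports completion after a fixed number of checks.
    static final class ProcessingService {
        private final int checksUntilComplete;
        private int checks = 0;
        ProcessingService(int checksUntilComplete) { this.checksUntilComplete = checksUntilComplete; }
        boolean isComplete(Item item) { return ++checks >= checksUntilComplete; }
    }

    // Whitelist validation: null, negative, zero, or oversized values (anything not
    // in the allowed set) are replaced by the server default. Rejecting the request
    // with 400 would also be fine; the point is the client never picks an arbitrary number.
    static int sanitizePollSeconds(Integer requested) {
        if (requested != null && ALLOWED_POLL_SECONDS.contains(requested)) {
            return requested;
        }
        return DEFAULT_POLL_SECONDS;
    }

    // Polls with a validated interval and a deadline, so the thread is released whether
    // or not processing finishes. Returns true if complete, false if the deadline passed.
    static boolean waitForCompletion(ProcessingService svc, Item item, Duration maxTotalWait)
            throws InterruptedException {
        long pollMillis = sanitizePollSeconds(item.pollSeconds) * 1000L;
        long deadline = System.nanoTime() + maxTotalWait.toNanos();
        while (!svc.isComplete(item)) {
            long remainingNanos = deadline - System.nanoTime();
            if (remainingNanos <= 0) {
                return false; // caller should answer 202 Accepted and let the client poll
            }
            // never sleep past the deadline, and never pass 0 so the loop cannot spin
            long sleepMillis = Math.min(pollMillis, remainingNanos / 1_000_000L);
            Thread.sleep(Math.max(1L, sleepMillis));
        }
        return true;
    }

    public static void main(String[] args) throws InterruptedException {
        // Hostile input: 2_147_483 seconds (about 24.8 days) would pin a thread in the
        // original loop; here it is not on the whitelist and becomes the default.
        System.out.println(sanitizePollSeconds(2_147_483)); // 2
        System.out.println(sanitizePollSeconds(-5));        // 2
        System.out.println(sanitizePollSeconds(5));         // 5

        // Work that finishes on the first check: no sleep at all.
        System.out.println(waitForCompletion(new ProcessingService(1),
                new Item("fast", 1), MAX_TOTAL_WAIT)); // true

        // Work that never finishes: the wait still ends at the (short, for the demo) deadline.
        System.out.println(waitForCompletion(new ProcessingService(Integer.MAX_VALUE),
                new Item("stuck", 2_147_483), Duration.ofMillis(300))); // false
    }
}
```

When waitForCompletion returns false the controller should not keep the client waiting at all: respond with 202 Accepted and a status resource the client can poll, which removes the blocking wait from the request thread entirely and leaves the whitelist and deadline as defence in depth.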

		
