Check out my previous articles on P4 bugs – Part 1, Part 2, Part 3, Part 4, Part 5, Part 6
Hi everyone, I am socalledhacker. I am a security researcher, penetration tester, certified ethical hacker and a web3 noob. In past months I have discovered lots of bugs, but in today’s article we are going to discuss the Long String DoS Attack, which I discovered recently, so without further delay let’s start…
Long String DoS Attack
Recently, I got a bounty for a bug which is a DoS. This is the first time I got a bounty for a DoS bug; usually companies mark DoS as out of scope. I found this bug in a self-hosted program, so due to program policy I can’t disclose the program name, but let’s say the program name is example.com.
Now, while testing different features and functions I got nothing, but my instincts said that there is a bug in this program, so I kept pushing the boundaries. Usually I don’t look for bugs like DoS, but I thought, let’s give it a shot.
So there is a feature in the site to password-protect our shop. With this function we can put a password on our shop, which makes the shop private/hidden from public access.
Now you are thinking it right. Firstly, I sent the request to the Burp Suite Repeater tab, then I put a long string, about 70-80 characters long, in the password field and checked the response, and it was 200 OK, which means there is no server-side character limit on the password field.
It’s time to attack – I put a long, long string of about 10MB in the password field and sent the request to the server, and it returned a response with status code 500, and boom, it’s a successful DoS attack. If you are wondering how I know that the string data is about 10 MB: I copy-pasted it into Notepad and saved the file, that’s how I know.
So, like always, it’s time for the POC…
Description:- A vulnerability was identified in the password protection feature of the application. This feature does not enforce a character or data size limit on user input in the password field. When a user submits an excessively large string (e.g., 10MB) in the password field, the server processes this input without validation. This results in high resource consumption on the server, leading to a 500 Internal Server Error and effectively causing a Denial of Service (DoS) condition.
Steps to reproduce:-
1 – Go to example.com/v3/passwordProtect/?project=<your-id>
2 – Enter a long string of numeric / alphanumeric characters in the "make your store private" feature.
3 – Click on save and wait for the site to respond
4 – The website starts to load and after a while, it returns a 500 error
5 – This leads to a function-level DoS attack.
Impact:- The target system becomes slow, unresponsive, or inaccessible to legitimate users. This can have a significant impact on an organization’s productivity, such as loss of sales or employees unable to work.
This can also lead to memory corruption, as this function accepts a string almost 10MB in size.
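One way to close the gap the report describes, as an added example that is not the program's code: cap the request body before buffering it, then enforce a password length limit before the value reaches hashing or storage. The JSON body, the `password` field name and both limits are assumptions, and the sample requests are constructed.

```python
import io
import json

MAX_BODY_BYTES = 4096      # assumed cap for the whole request body
MAX_PASSWORD_CHARS = 128   # assumed policy limit for the shop password


def read_capped(stream, declared_length, cap=MAX_BODY_BYTES):
    """Return the body bytes, or None when the request exceeds the cap."""
    if declared_length is not None and declared_length > cap:
        return None                  # refuse on Content-Length, nothing is read
    body = stream.read(cap + 1)      # never buffer more than cap + 1 bytes
    return None if len(body) > cap else body


def handle_password_protect(stream, declared_length):
    """Return (status, message) for a hypothetical save-password request."""
    body = read_capped(stream, declared_length)
    if body is None:
        return 413, "request body too large"
    try:
        password = json.loads(body).get("password")
    except (ValueError, AttributeError):   # bad JSON, bad UTF-8, or not an object
        return 400, "malformed JSON"
    if not isinstance(password, str) or not password:
        return 422, "password is required"
    if len(password) > MAX_PASSWORD_CHARS:
        return 422, "password too long"
    # Only a bounded value reaches hashing and storage (omitted here).
    return 200, "saved"


def make_request(password):
    """Constructed sample request: (body stream, Content-Length)."""
    raw = json.dumps({"password": password}).encode()
    return io.BytesIO(raw), len(raw)


if __name__ == "__main__":
    for label, pw in [("80 chars", "a" * 80), ("200 chars", "a" * 200),
                      ("10 MB", "a" * (10 * 1024 * 1024))]:
        stream, length = make_request(pw)
        print(label, handle_password_protect(stream, length))
```

The same body cap is normally also set at the reverse proxy or framework level, so an oversized request is refused before it reaches application code.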
That’s it for this article. I will upload more articles related to web2 bugs, covering all P4 to P1 bugs, in the near future, so stay tuned… 🙂