From 53d9014b2b125cb1cc51c667bc228edfd8556a8a Mon Sep 17 00:00:00 2001 From: Swissky <12152583+swisskyrepo@users.noreply.github.com> Date: Thu, 25 Apr 2024 17:37:16 +0200 Subject: [PATCH] Regular Expression ReDoS --- API Key Leaks/README.md | 1 + Regular Expression/README.md | 36 ++++++++++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 Regular Expression/README.md diff --git a/API Key Leaks/README.md b/API Key Leaks/README.md index fbe3f4c..5b7715b 100644 --- a/API Key Leaks/README.md +++ b/API Key Leaks/README.md @@ -75,6 +75,7 @@ Use : https://github.com/ozguralp/gmapsapiscanner/ Impact: + * Consuming the company's monthly quota or can over-bill with unauthorized usage of this service and do financial damage to the company * Conduct a denial of service attack specific to the service if any limitation of maximum bill control settings exist in the Google account diff --git a/Regular Expression/README.md b/Regular Expression/README.md new file mode 100644 index 0000000..3a29a8a --- /dev/null +++ b/Regular Expression/README.md 
@@ -0,0 +1,36 @@ +# Regular Expression + +> Regular Expression Denial of Service (ReDoS) is a type of attack that exploits the fact that certain regular expressions can take an extremely long time to process, causing applications or services to become unresponsive or crash. + + +## Denial of Service - ReDoS + +* [tjenkinson/redos-detector](https://github.com/tjenkinson/redos-detector) - A CLI and library which tests with certainty if a regex pattern is safe from ReDoS attacks. Supported in the browser, Node and Deno. +* [doyensec/regexploit](https://github.com/doyensec/regexploit) - Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service) +* [devina.io/redos-checker](https://devina.io/redos-checker) - Examine regular expressions for potential Denial of Service vulnerabilities + + +### Evil Regex + +Evil Regex contains: + +* Grouping with repetition +* Inside the repeated group: + * Repetition + * Alternation with overlapping + +**Examples** + +* `(a+)+` +* `([a-zA-Z]+)*` +* `(a|aa)+` +* `(a|a?)+` +* `(.*a){x}` for x \> 10 + +These regular expressions can be exploited with `aaaaaaaaaaaaaaaaaaaaaaaa!` + + +## References + +* [Regular expression Denial of Service - ReDoS - OWASP - Adar Weidman](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS) +* [OWASP Validation Regex Repository - OWASP](https://wiki.owasp.org/index.php/OWASP_Validation_Regex_Repository) \ No newline at end of file
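Review bot: the API Key Leaks/README.md hunk is unrelated to the subject line "Regular Expression ReDoS"; it only inserts a blank line between `Impact:` and the `*` bullets that follow. The blank line is a correct fix (without it some Markdown renderers attach the bullets to the preceding paragraph instead of starting a list), but it belongs in its own commit, or the subject line should mention it.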
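Review bot: in the new Regular Expression/README.md, the line "These regular expressions can be exploited with `aaaaaaaaaaaaaaaaaaaaaaaa!`" gives the triggering input without saying why it triggers: the trailing `!` guarantees the overall match fails, so a backtracking engine tries every way of splitting the run of `a`s across the nested or overlapping repetitions before giving up, which grows exponentially with input length for patterns like `(a+)+` and `(a|aa)+`. Suggest one sentence to that effect, plus a short mitigation note to accompany the detection tools (bounded quantifiers, avoiding nested quantifiers over overlapping character sets, input length limits, or a linear-time engine such as RE2). Two smaller points: `x \> 10` escapes the `>` needlessly in prose (plain `x > 10` renders the same), and the file is missing a trailing newline (`\ No newline at end of file`).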