Talking About SSRF,CRLF
0 likes374 views
The document discusses CRLF injection and SSRF vulnerabilities. CRLF injection occurs when user input is directly parsed into response headers without sanitization, allowing special characters to be injected. SSRF is when a server is induced to make HTTP requests to domains of an attacker's choosing, potentially escalating access. Mitigations include sanitizing user input, implementing whitelists for allowed domains/protocols, and input validation.
Talking About SSRF,CRLF
- 1. Talk on SSRF and CRLF Injection. By Mohit Vohra (Security Engineer at Tac Security)
- 2. Quick overview:- ● What is penetration testing? ● What is web penetration testing?
- 3. What is CRLF Injection? ● CRLF Injection Vulnerability is a web application vulnerability happens due to direct parsing of user entered data to the response header fields like set cookie without proper sanitation. ● CR and LF are special characters (%0a%0d). ● It is one of the injection attacks, it can be used to escalate more malicious attacks like xss.
- 6. Mitigations of CRLF:- ● Always follow the rule of never trust user input. ● Sanitize and neutralize all user-supplied data or properly encode output in HTTP headers that would otherwise be visible to users in order to prevent the injection of crlf.
- 7. What is SSRF? Server-side request forgery is a web security vulnerability that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of attacker’s choosing. SSRF attacks often exploit trust relationships to escalate an attack from the vulnerable application and perform unauthorized actions. These relationships might exist in relation to server itself, or in relation to other back-end systems within the same organization.
- 8. Let’s live demonstrate it..
- 9. Mitigations of SSRF:- ● A blacklist is not a good protection because with so many different protocols, schemes, encodings, bypasses will most certainly occur. Because of this, a whitelist is a better approach. ● Proper input validation of data can majorly help the client to protect the web application against unwanted controls or actions.