Posts

Showing posts from 2018

Various SSRF conditions on KeyCDN tools

Image
Hi There, It is common to find websites/tools on the internet which performs speed test, loading third party images, load external JavaScript files etc. to be vulnerable to Server Side Request Forgery. I've found a couple of them, reported but some of them did not take it seriously. I've recently ran into KeyCDN tools website , a site owned and operated by KeyCDN , a CDN company and reported to be one of the best solution according to the TechRadar info . After looking at some functionalities presented on the web site I've found a few SSRF conditions. Here it goes: 1) Using the Trace Route utility to discovery some Internal IP Address When I used the Trace Route functionality there was an internal IP address 10.0.10.1 (which seems  no longer there) belonging to the Frankfurt POP. 2) Using the Ping utility to confirm the above finding (and maybe Brute Force some hosts?) I will discuss the FQDN you are seeing there soon! 3) Using the Performance Test  utility

Make-HtDigest - a tool to audit password files for WildFly / JBOSS / Apache

Hi there, I've created a tool called Make-HtDigest which is able to generate username + password combination based on a word-list for HTTP Digest Authentication. This can be used to compare output with real password files such as mgmt-users.properties from WildFly and .digest_pw from Apache. I hope it is useful and you enjoy it.

A tool to detect Slow HTTP DoS attacks on pcap files

Image
Hello everybody, I wrote a python tool to detect Slow HTTP DoS attacks on pcap files: slowdos_detector . This is ideal for post-mortem analysis on captured traffic (pcap files). If you are curious about how to test it, you could leverage slowhttptest  to launch an HTTP DoS attack on your test server, capture the traffic and then use slowdos_detector to show offending HTTP transactions. Enjoy it and ping me if you have questions, issues or suggestions.

Signing Requests to AWS on OWASP Zed Attack Proxy - ZAP

Hello All, I've written a Help Add On Script for the OWASP Zed Attack Proxy to sign requests to Amazon AWS. You can check it here . Enjoy it!