Burp Suite User Forum


External service interaction (DNS & HTTP)

Dilip | Last updated: Aug 20, 2018 03:05PM UTC

Dear Team,

During my assessment of a web app, Burp Suite gave the below High vulnerabilities:

1. Out-of-band resource load (HTTP)
2. External service interaction (DNS & HTTP)

Example of a Request & response: Request Response

Could you please send more detailed remediations for this? What do the developers actually have to do to overcome these vulnerabilities? This is urgently needed, as the client is confused by the remediation provided by Burp Suite.

Kind Regards,
Dilip
+44 79706 50735

Liam, PortSwigger Agent | Last updated: Aug 21, 2018 12:38PM UTC

> "You should review the purpose and intended use of the relevant application functionality, and determine whether the ability to trigger arbitrary out-of-band resource load is intended behavior. If so, you should be aware of the types of attacks that can be performed via this behavior and take appropriate measures. These measures might include blocking network access from the application server to other internal systems, and hardening the application server itself to remove any services available on the local loopback adapter. You should also ensure that content retrieved from other systems is processed in a safe manner, with the usual precautions that are applicable when processing input from direct incoming web requests. If the ability to trigger arbitrary out-of-band resource load is not intended behavior, then you should implement a whitelist of permitted URLs, and block requests to URLs that do not appear on this whitelist."

What elements of the remediation would you like us to expand on? The remediation methods you should advise depend very much on your knowledge of the application following an extensive test.

The first step would be to reproduce the issue manually, possibly using Burp Collaborator Client:

- https://support.portswigger.net/customer/portal/articles/2945928-using-burp-collaborator-client

The next step would be to ascertain whether the ability to trigger arbitrary out-of-band resource load is not intended behavior. If this is not intended behavior, then the client can follow the remediation advice provided by the tester, which might include blocking network access from the application server to other internal systems, and hardening the application server itself to remove any services available on the local loopback adapter.
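As an illustration of the whitelist remediation quoted in the reply above, here is an added Python example (not code from PortSwigger or from this thread). The allowed origins, the `validate_outbound_url` function and the `DisallowedURL` exception are constructed for this example; the check rejects anything that is not an exact scheme/host/port match on the allowlist and, as a second layer, any literal loopback, private or link-local address.

```python
import ipaddress
from urllib.parse import urlparse

# Constructed allowlist for this example: exact (scheme, host, port) origins the
# application is known to need. A real deployment derives this from its own
# integrations rather than from user input.
ALLOWED_ORIGINS = {
    ("https", "api.example.com", 443),
    ("https", "cdn.example.com", 443),
}


class DisallowedURL(ValueError):
    """Raised when a URL must not be fetched server-side."""


def is_internal_address(host: str) -> bool:
    """True if host is an IP literal in loopback/private/link-local/etc. ranges."""
    try:
        ip = ipaddress.ip_address(host.strip("[]"))
    except ValueError:
        return False  # not an IP literal; hostnames are decided by the allowlist
    return (ip.is_loopback or ip.is_private or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def validate_outbound_url(url: str) -> str:
    """Return url unchanged if it is on the allowlist, else raise DisallowedURL."""
    parsed = urlparse(url)
    scheme = parsed.scheme.lower()
    if scheme not in ("http", "https"):
        raise DisallowedURL(f"scheme not permitted: {scheme!r}")
    if parsed.username or parsed.password:
        # "https://api.example.com@other.example/" has hostname other.example
        raise DisallowedURL("credentials in URL are not permitted")
    host = (parsed.hostname or "").lower()
    if not host:
        raise DisallowedURL("missing host")
    if is_internal_address(host):
        raise DisallowedURL(f"internal address not permitted: {host}")
    port = parsed.port or (443 if scheme == "https" else 80)  # .port may raise ValueError
    if (scheme, host, port) not in ALLOWED_ORIGINS:
        raise DisallowedURL(f"origin not on allowlist: {scheme}://{host}:{port}")
    return url


def is_permitted(url: str) -> bool:
    """Boolean wrapper; malformed URLs (e.g. a non-numeric port) are refused too."""
    try:
        validate_outbound_url(url)
        return True
    except ValueError:  # DisallowedURL is a ValueError
        return False
```

The HTTP client that performs the fetch must also refuse to follow redirects, or re-run this check on each redirect target, otherwise an allowlisted host can redirect the request elsewhere.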
