
External service interaction (DNS & HTTP)

Dilip Aug 20, 2018 03:05PM UTC

Dear Team,

During my assessment of a web app, BurpSuite gave the below High vulnerabilities:

1. Out-of-band resource load (HTTP)
2. External service interaction (DNS & HTTP)

Example of a Request & response:

Request



Response


Could you please send more detailed remediation for this. What do the developers actually have to do to overcome these vulnerabilities?

This is urgently needed as the client is confused by the remediation provided by BurpSuite.

Kind Regards,
Dilip
+44 79706 50735


Liam Tai-Hogan Aug 21, 2018 12:41PM UTC Support Center agent

"You should review the purpose and intended use of the relevant application functionality, and determine whether the ability to trigger arbitrary out-of-band resource load is intended behavior. If so, you should be aware of the types of attacks that can be performed via this behavior and take appropriate measures. These measures might include blocking network access from the application server to other internal systems, and hardening the application server itself to remove any services available on the local loopback adapter. You should also ensure that content retrieved from other systems is processed in a safe manner, with the usual precautions that are applicable when processing input from direct incoming web requests.

If the ability to trigger arbitrary out-of-band resource load is not intended behavior, then you should implement a whitelist of permitted URLs, and block requests to URLs that do not appear on this whitelist."

What elements of the remediation would you like us to expand on?

The remediation methods you should advise depend very much on your knowledge of the application following an extensive test.

The first step would be to reproduce the issue manually, possibly using Burp Collaborator Client:

- https://support.portswigger.net/customer/portal/articles/2945928-using-burp-collaborator-client

The next step would be to ascertain whether the ability to trigger arbitrary out-of-band resource load is not intended behavior.

If this is not intended behavior, then the client can follow the remediation advice provided by the tester, which might include blocking network access from the application server to other internal systems, and hardening the application server itself to remove any services available on the local loopback adapter.
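As an added illustration of the "whitelist of permitted URLs" advice quoted above (example code written for this page, not PortSwigger's or Burp's own), the check below only allows a server-side fetch when the scheme, host and port are on a constructed allowlist and the host resolves exclusively to public addresses, so loopback and internal systems are never reached even via DNS tricks. `ALLOWED_HOSTS` and the resolver callback are assumptions for the example.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed allowlist: the only hosts this application is meant to fetch from.
ALLOWED_HOSTS = {"api.example.com", "cdn.example.com"}
ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {None, 80, 443}  # None means the scheme default


def resolve_host(host):
    """Default resolver: every IPv4/IPv6 address for host (needs network access)."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def is_internal(ip_text):
    """True for loopback, RFC 1918, link-local, multicast and other reserved ranges."""
    ip = ipaddress.ip_address(ip_text)
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def check_outbound_url(url, resolver=resolve_host):
    """Return (allowed, reason) for a URL the server has been asked to fetch.

    The resolver is injectable so the check can be unit-tested offline; the
    default uses the system resolver.
    """
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not permitted"
    # .hostname is lowercased, has IPv6 brackets stripped and drops any
    # user@ prefix, so "https://api.example.com@evil.example/" yields evil.example.
    host = parts.hostname
    if host is None or host not in ALLOWED_HOSTS:
        return False, "host not on allowlist"
    try:
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False, "port not permitted"
    if port not in ALLOWED_PORTS:
        return False, "port not permitted"
    try:
        addrs = resolver(host)
    except OSError:
        return False, "host does not resolve"
    # Reject if ANY resolved address is internal, not just the first one.
    if not addrs or any(is_internal(a) for a in addrs):
        return False, "host resolves to an internal address"
    return True, "ok"
```

Pinning the fetch to the address that was checked (rather than resolving again inside the HTTP client) closes the remaining time-of-check/time-of-use gap.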

