by pyjug
1407 days ago
> Domains that resolve to private IPs: attacker could set up foo.com which resolves to a private IP

There's a clever extension to this attack; a naive way to mitigate it is to do a DNS resolution first to verify it's not a private IP and then do the actual request. An attacker can simply return a public IP on the first DNS resolution (with a 0 TTL) and then return a private IP on the second. This is called a "TOCTOU" (time-of-check time-of-use) vulnerability.

I've written about this and other security best practices on my blog here - https://www.ameyalokare.com/technology/webhooks/2021/05/03/s...

I've also built an egress proxy that prevents such attacks here - https://github.com/juggernaut/webhook-sentry

Same caveat applies, use at your own risk :-)
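The rebinding race described in the comment above, as an added example written for this page (it is not code from the commenter's blog post or from webhook-sentry). The `FlipFlopResolver`, the hostname `hooks.example.com`, the answer addresses and the `record_connect` stub are all constructed so the script runs offline; a real deployment would wire `system_resolver` (or a resolver with the same shape) into `pinned_fetch` and point `connect` at an HTTP client that dials the vetted IP while still sending the hostname as the Host header and TLS SNI.

```python
import ipaddress
import socket
from typing import Callable, Dict, List

Resolver = Callable[[str], List[str]]          # hostname -> list of IP strings
Connector = Callable[[str, str], Dict[str, str]]  # (ip, hostname) -> result


class BlockedDestination(ValueError):
    """Raised when a webhook target resolves to a non-public address."""


# Carrier-grade NAT space (RFC 6598); older ipaddress versions do not flag it.
_CGNAT = ipaddress.ip_network("100.64.0.0/10")


def is_public_ip(addr: str) -> bool:
    """True only for addresses a webhook may legitimately be delivered to."""
    ip = ipaddress.ip_address(addr)
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.1) so the IPv4 rules apply to it.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    if isinstance(ip, ipaddress.IPv4Address) and ip in _CGNAT:
        return False
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def system_resolver(hostname: str) -> List[str]:
    """Real resolver: every A and AAAA answer, since any of them may be dialed."""
    return sorted({info[4][0] for info in socket.getaddrinfo(hostname, None)})


class FlipFlopResolver:
    """Constructed stand-in for an attacker's authoritative DNS server that
    answers with a 0 TTL: a public IP on the first lookup, a private one next."""

    def __init__(self, answers: List[str]) -> None:
        self._answers = list(answers)
        self.calls = 0

    def __call__(self, hostname: str) -> List[str]:
        answer = self._answers[min(self.calls, len(self._answers) - 1)]
        self.calls += 1
        return [answer]


def record_connect(ip: str, hostname: str) -> Dict[str, str]:
    """Hypothetical connector: records where a real client would have dialed."""
    return {"ip": ip, "host_header": hostname}


def naive_fetch(hostname: str, resolve: Resolver, connect: Connector) -> Dict[str, str]:
    """Vulnerable: checks one resolution, then lets the client resolve again."""
    for addr in resolve(hostname):                 # time of check
        if not is_public_ip(addr):
            raise BlockedDestination(addr)
    # Handing the hostname to an HTTP client triggers a second lookup: time of use.
    return connect(resolve(hostname)[0], hostname)


def pinned_fetch(hostname: str, resolve: Resolver, connect: Connector) -> Dict[str, str]:
    """Hardened: resolve once, vet every answer, dial the vetted IP itself."""
    addrs = resolve(hostname)                      # the only lookup that happens
    if not addrs:
        raise BlockedDestination(hostname)
    for addr in addrs:
        if not is_public_ip(addr):
            raise BlockedDestination(addr)
    # The hostname now travels only as Host header / SNI, never back into DNS.
    return connect(addrs[0], hostname)


def blocked_by_pinned_fetch(hostname: str, answers: List[str]) -> bool:
    """Helper for the demo: does pinned_fetch refuse these DNS answers?"""
    try:
        pinned_fetch(hostname, FlipFlopResolver(answers), record_connect)
    except BlockedDestination:
        return True
    return False


def demo() -> Dict[str, str]:
    """Run both strategies against the same rebinding attacker."""
    answers = ["93.184.216.34", "169.254.169.254"]   # public first, then metadata IP
    naive = naive_fetch("hooks.example.com", FlipFlopResolver(answers), record_connect)
    pinned = pinned_fetch("hooks.example.com", FlipFlopResolver(answers), record_connect)
    return {"naive": naive["ip"], "pinned": pinned["ip"]}


if __name__ == "__main__":
    print(demo())
```

Two caveats the pinned version does not remove on its own: a 3xx redirect from the vetted host must be followed through the same resolve-vet-pin path rather than by the client's default redirect handler, and the connector really has to dial the IP it was given, which most HTTP libraries only do through a custom transport or an egress proxy.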