03-31-2021, 07:23 AM
When the same data is parsed twice by different parsers, some interesting security bugs can be introduced. In this post I will show how I used fuzzing to find a parser differential issue in Kibana’s alerting and actions feature and how I leveraged radamsa to fuzz NodeJS’ URL parsers.
Kibana alerting and actions
Kibana has an alerting feature that allows users to trigger an action when certain conditions are met. There’s a variety of actions that can be chosen like sending an email, opening a ticket in Jira or sending a request to a webhook. To make sure this doesn’t become SSRF as a feature, there’s an xpack.actions.allowedHosts setting where users can configure a list of hosts that are allowed as webhook targets.
Read More : https://reconshell.com/ssrf-bypassing-ho...h-fuzzing/
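A defensive sketch of the allowlist check described above, added here as an example and not taken from the original post or from Kibana's code: it parses the webhook URL once, fails closed when Node's WHATWG and legacy parsers disagree on the host, and hands back the parsed object for the request. The function name `checkWebhookUrl` and the host names are hypothetical, and the allowlist is a constructed stand-in for a setting like xpack.actions.allowedHosts.

```javascript
// Added example: fail-closed webhook host check (hypothetical helper names).
const url = require('node:url');

// Constructed allowlist, standing in for a setting like xpack.actions.allowedHosts.
const ALLOWED_HOSTS = new Set(['hooks.example.com']);

// Returns { ok, reason } on rejection or { ok, host, target } on success.
// The caller must send the request to `target` (the parsed object) and
// never re-parse the raw string with a different parser afterwards.
function checkWebhookUrl(raw, allowed = ALLOWED_HOSTS) {
  let whatwg;
  try {
    whatwg = new URL(raw);
  } catch {
    return { ok: false, reason: 'unparseable' };
  }
  if (whatwg.protocol !== 'https:' && whatwg.protocol !== 'http:') {
    return { ok: false, reason: 'scheme' };
  }
  // Second opinion from Node's legacy parser: if the two parsers see
  // different hosts, the input is ambiguous and is rejected outright.
  let legacyHost;
  try {
    legacyHost = url.parse(raw).hostname;
  } catch {
    return { ok: false, reason: 'parser-disagreement' };
  }
  if (legacyHost !== whatwg.hostname) {
    return { ok: false, reason: 'parser-disagreement' };
  }
  if (!allowed.has(whatwg.hostname)) {
    return { ok: false, reason: 'not-allowed' };
  }
  return { ok: true, host: whatwg.hostname, target: whatwg };
}
```

The check only helps if the HTTP client is given `target` itself; passing the raw string on would reintroduce a second parse.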