A Billion Laughs Attack is a Denial of Service (DoS) attack that targets XML parsers. The attack is also known as an XML Bomb or an Exponential Entity Expansion (XEE) attack.
An XML entity is a symbolic representation of a piece of text, much like a variable in a computer program: wherever the entity is referenced, the parser substitutes its replacement text. It is declared in the Document Type Definition (DTD) with the following syntax:
<!ENTITY entityName "The text you want to appear when the entity is used">
A reference to it in the document, written &entityName;, is replaced by that text when the document is parsed.
Now consider the following document:
<?xml version="1.0"?>
<!DOCTYPE lolz [
<!ENTITY lol "lol">
<!ENTITY lol1 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;">
<!ENTITY lol2 "&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;">
<!ENTITY lol3 "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;">
<!ENTITY lol4 "&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;">
<!ENTITY lol5 "&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;">
<!ENTITY lol6 "&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;">
<!ENTITY lol7 "&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;">
<!ENTITY lol8 "&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;">
<!ENTITY lol9 "&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;">
]>
<lolz>&lol9;</lolz>
This example consists of ten entities. Each entity after the first consists of ten references to the previous one, so the single &lol9; reference in the document body expands to 10^9, one billion, copies of the first entity.
In most examples the first entity is the string "lol", hence the name Billion Laughs.
The attacker sends under a kilobyte of XML, but a parser that expands entities naively has to build roughly 3 GB of text (one billion copies of the three-character string "lol"), far more than the memory available to the process parsing the XML. Each additional entity level multiplies the work by ten, so the resources consumed grow exponentially with the number of levels in the DTD. The parser exhausts memory or burns minutes of CPU, and the service is denied to everyone else.
The attack was first reported in 2002, but it was not widely addressed until later.
How to prevent a Billion Laughs Attack or XEE Attack ?
There are a couple of steps that can be taken.
- Limit the number of entity reference nodes that the parser will expand.
- Limit the total number of characters that an entity is allowed to expand to.
Most modern parsers enforce limits like these by default (the JDK's entityExpansionLimit, 64,000 expansions by default, is one example), so check that your parser has them and that nobody has raised them. If your application does not need a DTD at all, the most robust option is to disable DTD processing entirely, so that no entity can be declared in the first place. Note that this document uses only internal entities, so disabling external entity resolution (the usual XXE fix) does not by itself stop it.
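The expansion arithmetic above and the two limits just listed, as an added example in Python that is not part of the original post: it prices a document's entity expansion without performing it (memoised per entity, so the billion-copy document costs microseconds to analyse rather than 3 GB of memory), then gates the document on a maximum expanded size, a maximum number of entity references, or the presence of any DTD. It generalises the article's document to any depth and fan-out. The regexes, the default limit values, the function names and the sample documents are assumptions constructed for this example, and the checker understands only internal general entities, not parameter or external ones.

```python
import re
from typing import Dict, NamedTuple, Tuple

# Simplified grammar for the internal DTD subset (an assumption of this example).  Parameter
# entities (<!ENTITY % ...>) and external SYSTEM/PUBLIC entities are deliberately not matched:
# they are the XXE problem, not this one.  Only internal general entities drive the expansion.
_NAME = r"[A-Za-z_:][\w.:-]*"
_INTERNAL_SUBSET = re.compile(r"<!DOCTYPE\b[^\[>]*\[(.*?)\]\s*>", re.S)
_ENTITY_DECL = re.compile(rf"""<!ENTITY\s+({_NAME})\s+(?:"([^"]*)"|'([^']*)')\s*>""")
_ENTITY_REF = re.compile(rf"&({_NAME});")
_PREDEFINED = {"lt", "gt", "amp", "quot", "apos"}  # each expands to exactly one character

class EntityExpansionError(ValueError):
    """Raised when a document must not be handed to a real XML parser."""

class ExpansionStats(NamedTuple):
    expanded_chars: int   # size of the body once every entity reference is substituted
    entity_refs: int      # number of entity reference nodes the parser would expand
    amplification: float  # expanded_chars divided by the size of the document as sent
    has_dtd: bool

def build_bomb(depth: int = 9, fanout: int = 10, leaf: str = "lol") -> str:
    """Document shaped like the article's: lol is the leaf, lolK holds `fanout` references to
    lol(K-1), the body references lol<depth> once.  Defaults give the ten-entity version."""
    names = ["lol"] + ["lol%d" % k for k in range(1, depth + 1)]
    decls = ['<!ENTITY %s "%s">' % (names[0], leaf)]
    for k in range(1, depth + 1):
        decls.append('<!ENTITY %s "%s">' % (names[k], ("&%s;" % names[k - 1]) * fanout))
    return ('<?xml version="1.0"?>\n<!DOCTYPE lolz [\n' + "\n".join(decls)
            + '\n]>\n<lolz>&%s;</lolz>\n' % names[depth])

# Constructed benign input: one ordinary declared entity plus a predefined one.
BENIGN_DOC = ('<?xml version="1.0"?>\n<!DOCTYPE note [\n<!ENTITY company "Example Corp">\n]>\n'
              '<note>&company; &amp; partners</note>\n')

def internal_entities(doc: str) -> Dict[str, str]:
    """{name: replacement text} for general entities declared in the internal subset."""
    m = _INTERNAL_SUBSET.search(doc)
    if not m:
        return {}
    return {d.group(1): d.group(2) if d.group(2) is not None else d.group(3)
            for d in _ENTITY_DECL.finditer(m.group(1))}

def expansion_cost(entities: Dict[str, str], text: str, _memo=None, _stack=()) -> Tuple[int, int]:
    """(expanded_chars, entity_refs) for `text`, computed without materialising the expansion.
    Memoising per entity makes this linear in the number of declarations; the attack is exactly
    that asymmetry: the attacker writes O(depth) bytes, a naive parser does O(fanout**depth) work."""
    if _memo is None:
        _memo = {}
    chars = refs = pos = 0
    for m in _ENTITY_REF.finditer(text):
        chars += m.start() - pos  # literal text before this reference
        pos = m.end()
        refs += 1
        name = m.group(1)
        if name in _PREDEFINED:
            chars += 1
            continue
        if name not in entities:
            raise EntityExpansionError("undeclared entity &%s;" % name)
        if name in _stack:  # XML forbids recursive entities; treat one as hostile
            raise EntityExpansionError("recursive entity &%s;" % name)
        if name not in _memo:
            _memo[name] = expansion_cost(entities, entities[name], _memo, _stack + (name,))
        c, r = _memo[name]
        chars += c
        refs += r
    chars += len(text) - pos  # literal text after the last reference
    return chars, refs

def analyse(doc: str) -> ExpansionStats:
    """Price the document body's entity references against the document's own DTD."""
    m = _INTERNAL_SUBSET.search(doc)
    body = doc[m.end():] if m else doc
    chars, refs = expansion_cost(internal_entities(doc), body)
    return ExpansionStats(chars, refs, chars / max(len(doc), 1), m is not None)

def check_document(doc: str, max_chars: int = 10_000_000, max_refs: int = 100_000,
                   allow_dtd: bool = True) -> ExpansionStats:
    """Gate a document before a real parser sees it.  Default limits are assumptions for this example."""
    stats = analyse(doc)
    if stats.has_dtd and not allow_dtd:
        raise EntityExpansionError("document carries a DTD but this endpoint accepts none")
    if stats.entity_refs > max_refs:
        raise EntityExpansionError("would expand %d entity references, limit %d" % (stats.entity_refs, max_refs))
    if stats.expanded_chars > max_chars:
        raise EntityExpansionError("would expand to %d characters, limit %d" % (stats.expanded_chars, max_chars))
    return stats

def is_rejected(doc: str, **limits) -> bool:
    """True if check_document refuses `doc` under the given limits."""
    try:
        check_document(doc, **limits)
    except EntityExpansionError:
        return True
    return False

if __name__ == "__main__":
    for depth in range(1, 10):  # each extra entity level multiplies both columns by ten
        s = analyse(build_bomb(depth))
        print("lol%d: %13d chars %11d refs x%.0f" % (depth, s.expanded_chars, s.entity_refs, s.amplification))
    print("bomb rejected:", is_rejected(build_bomb()), "| benign accepted:", not is_rejected(BENIGN_DOC))
```

Running it prints one line per entity level; the expanded size and the reference count both grow tenfold per level, and the full document is priced at three billion characters and over a billion reference expansions from fewer than 800 bytes of input. A pre-filter like this is useful for understanding the numbers and for logging what was rejected, but in production rely first on the parser's own protections: the expansion limits the parser already enforces, or a DTD-free configuration, or a wrapper such as Python's defusedxml, which refuses any document that declares entities.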
So beware of this class of vulnerability, and stay safe, stay secure.