Tasiri
Buƙatar Jarumin Side-Server (SSRF) babban lahani ne wanda ke bawa maharin damar jawo aikace-aikacen gefen uwar garke don yin buƙatu zuwa wurin da ba a yi niyya ba [S1]. Wannan na iya haifar da fallasa ayyuka na ciki masu mahimmanci, samun izini mara izini zuwa wuraren ƙarshen metadata na girgije, ko ƙetare tacewar wuta na cibiyar sadarwa [S1].
Tushen Dalili
SSRF yawanci yana faruwa lokacin da aikace-aikacen yana aiwatar da URL ɗin da aka kawo mai amfani ba tare da ingantaccen inganci ba, yana barin uwar garken a matsayin wakili don buƙatun ƙeta [S1]. Bayan gazawar aiki, gabaɗayan yanayin tsaro na rukunin yanar gizon yana da tasiri sosai ta hanyar daidaitawar taken HTTP [S2]. An ƙaddamar da shi a cikin 2016, Mozilla's HTTP Observatory ya bincika sama da gidajen yanar gizo miliyan 6.9 don taimakawa masu gudanarwa su ƙarfafa kariya daga waɗannan barazanar gama gari ta hanyar ganowa da magance yuwuwar raunin tsaro [S2].
Yadda FixVibe yayi gwajinsa
FixVibe ya riga ya rufe sassan biyu na wannan batun bincike:
- Gated SSRF tabbatarwa *:
active.blind-ssrfyana gudana ne kawai a cikin ingantattun sikanin aiki. Yana aika da iyakacin iyaka zuwa canaries mai siffa URL da SSRF masu dacewa da aka gano yayin rarrafe, sannan ya ba da rahoton batun kawai lokacin da FixVibe ya karɓi kiran da aka ɗaure da wannan sikanin.
Saukewa: ZXCVFIXVIBESEG10
- Yarda da kai *:
headers.security-headersa hankali yana bincika masu amsawar rukunin yanar gizon don sarrafa taurin mai binciken iri ɗaya wanda aka jaddada ta hanyar bita-bita na Observatory, gami da CSP, HSTS, X-FX X-Nau'in-Nau'in Zaɓuɓɓuka, Manufa-Manufa, da Izini-Manufar.
Saukewa: ZXCVFIXVIBESEG11 Binciken SSRF baya buƙatar buƙatun ɓarna ko ingantaccen shiga. An keɓance shi don ingantattun maƙasudi da bayar da rahoton tabbataccen shaidar sake kiran waya maimakon yin zato daga sunaye kaɗai.