EARs in the wild: Large-scale analysis of Execution After Redirect Vulnerabilities

Pierre Payet; Adam Doupé; Christopher Kruegel; Giovanni Vigna

doi:10.1145/2480362.2480699

EARs in the wild: Large-scale analysis of Execution After Redirect Vulnerabilities

Pierre Payet, Adam Doupé, Christopher Kruegel, Giovanni Vigna

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

7 Scopus citations

Abstract

Execution After Redirect vulnerabilities - logic flaws in web applications where unintended code is executed after a redirect - have received little attention from the research community. In fact, we found a research paper that incorrectly modeled the redirect semantics, causing their static analysis to miss EAR vulnerabilities. To understand the breadth and scope of EARs in the real world, we performed a large-scale analysis to determine the prevalence of EARs on the Internet. We crawled 8,097,283 URLs from 255,957 domains. We employ a black-box approach that finds EARs which manifest themselves by information leakage in the HTTP redirect response. For this type of EAR, we developed a classification system that discovered 2,173 security-critical EARs among 416 domains. This result shows that EARs are a serious and prevalent problem on the Internet today and deserve future research attention.

Original language	English (US)
Title of host publication	28th Annual ACM Symposium on Applied Computing, SAC 2013
Pages	1792-1799
Number of pages	8
DOIs	https://doi.org/10.1145/2480362.2480699
State	Published - 2013
Externally published	Yes
Event	28th Annual ACM Symposium on Applied Computing, SAC 2013 - Coimbra, Portugal Duration: Mar 18 2013 → Mar 22 2013

Publication series

Name	Proceedings of the ACM Symposium on Applied Computing

Other

Other	28th Annual ACM Symposium on Applied Computing, SAC 2013
Country/Territory	Portugal
City	Coimbra
Period	3/18/13 → 3/22/13

ASJC Scopus subject areas

Software

Access to Document

10.1145/2480362.2480699

Cite this

Payet, P, Doupé, A, Kruegel, C & Vigna, G 2013, EARs in the wild: Large-scale analysis of Execution After Redirect Vulnerabilities. in 28th Annual ACM Symposium on Applied Computing, SAC 2013. Proceedings of the ACM Symposium on Applied Computing, pp. 1792-1799, 28th Annual ACM Symposium on Applied Computing, SAC 2013, Coimbra, Portugal, 3/18/13. https://doi.org/10.1145/2480362.2480699

@inproceedings{0fa6a68d074b42dba79f17af2003d0dd,

title = "EARs in the wild: Large-scale analysis of Execution After Redirect Vulnerabilities",

abstract = "Execution After Redirect vulnerabilities - logic flaws in web applications where unintended code is executed after a redirect - have received little attention from the research community. In fact, we found a research paper that incorrectly modeled the redirect semantics, causing their static analysis to miss EAR vulnerabilities. To understand the breadth and scope of EARs in the real world, we performed a large-scale analysis to determine the prevalence of EARs on the Internet. We crawled 8,097,283 URLs from 255,957 domains. We employ a black-box approach that finds EARs which manifest themselves by information leakage in the HTTP redirect response. For this type of EAR, we developed a classification system that discovered 2,173 security-critical EARs among 416 domains. This result shows that EARs are a serious and prevalent problem on the Internet today and deserve future research attention.",

author = "Pierre Payet and Adam Doup{\'e} and Christopher Kruegel and Giovanni Vigna",

year = "2013",

doi = "10.1145/2480362.2480699",

language = "English (US)",

isbn = "9781450316569",

series = "Proceedings of the ACM Symposium on Applied Computing",

pages = "1792--1799",

booktitle = "28th Annual ACM Symposium on Applied Computing, SAC 2013",

note = "28th Annual ACM Symposium on Applied Computing, SAC 2013 ; Conference date: 18-03-2013 Through 22-03-2013",

}

TY - GEN

T1 - EARs in the wild

T2 - 28th Annual ACM Symposium on Applied Computing, SAC 2013

AU - Payet, Pierre

AU - Doupé, Adam

AU - Kruegel, Christopher

AU - Vigna, Giovanni

PY - 2013

Y1 - 2013

N2 - Execution After Redirect vulnerabilities - logic flaws in web applications where unintended code is executed after a redirect - have received little attention from the research community. In fact, we found a research paper that incorrectly modeled the redirect semantics, causing their static analysis to miss EAR vulnerabilities. To understand the breadth and scope of EARs in the real world, we performed a large-scale analysis to determine the prevalence of EARs on the Internet. We crawled 8,097,283 URLs from 255,957 domains. We employ a black-box approach that finds EARs which manifest themselves by information leakage in the HTTP redirect response. For this type of EAR, we developed a classification system that discovered 2,173 security-critical EARs among 416 domains. This result shows that EARs are a serious and prevalent problem on the Internet today and deserve future research attention.

AB - Execution After Redirect vulnerabilities - logic flaws in web applications where unintended code is executed after a redirect - have received little attention from the research community. In fact, we found a research paper that incorrectly modeled the redirect semantics, causing their static analysis to miss EAR vulnerabilities. To understand the breadth and scope of EARs in the real world, we performed a large-scale analysis to determine the prevalence of EARs on the Internet. We crawled 8,097,283 URLs from 255,957 domains. We employ a black-box approach that finds EARs which manifest themselves by information leakage in the HTTP redirect response. For this type of EAR, we developed a classification system that discovered 2,173 security-critical EARs among 416 domains. This result shows that EARs are a serious and prevalent problem on the Internet today and deserve future research attention.

UR - http://www.scopus.com/inward/record.url?scp=84877992639&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84877992639&partnerID=8YFLogxK

U2 - 10.1145/2480362.2480699

DO - 10.1145/2480362.2480699

M3 - Conference contribution

AN - SCOPUS:84877992639

SN - 9781450316569

T3 - Proceedings of the ACM Symposium on Applied Computing

SP - 1792

EP - 1799

BT - 28th Annual ACM Symposium on Applied Computing, SAC 2013

Y2 - 18 March 2013 through 22 March 2013

ER -

EARs in the wild: Large-scale analysis of Execution After Redirect Vulnerabilities

Abstract

Publication series

Other

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this