EARs in the wild: Large-scale analysis of Execution After Redirect Vulnerabilities

Pierre Payet, Adam Doupé, Christopher Kruegel, Giovanni Vigna

Research output: Conference contribution (chapter in book/report/conference proceeding)

6 Scopus citations

Abstract

Execution After Redirect (EAR) vulnerabilities - logic flaws in web applications where code that was not meant to run is executed after the application issues a redirect - have received little attention from the research community. In fact, we found a research paper that incorrectly modeled the redirect semantics, causing its static analysis to miss EAR vulnerabilities. To understand the breadth and scope of EARs in the real world, we performed a large-scale analysis to determine the prevalence of EARs on the Internet. We crawled 8,097,283 URLs from 255,957 domains. We employed a black-box approach that finds EARs that manifest themselves as information leakage in the HTTP redirect response. For this type of EAR, we developed a classification system that discovered 2,173 security-critical EARs among 416 domains. This result shows that EARs are a serious and prevalent problem on the Internet today and deserve future research attention.
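The following is an added example, not code from the paper or its authors, that illustrates the flaw the abstract describes and the black-box signal the crawl looked for. It simulates a web handler in which a framework-style redirect() helper only mutates the response and does not halt execution, so a missing return after the redirect lets the protected content run and land in the body of the 302. The constructed ADMIN_REPORT content, the Response class, and the leak heuristic (body length and HTML markers) are assumptions of this example; they are not the paper's classifier. The check only finds the information-leaking kind of EAR: an EAR whose post-redirect code performs a state change without emitting output would not be visible to it, which is the limitation the abstract states.

```python
import re
from dataclasses import dataclass, field


@dataclass
class Response:
    status: int = 200
    headers: dict = field(default_factory=dict)
    body: str = ""


# Constructed stand-in for protected application content (assumption, not from the paper).
ADMIN_REPORT = (
    "<html><body><h1>Admin report</h1>"
    "<table><tr><td>alice</td><td>alice@example.com</td></tr></table>"
    "<form action='/admin/delete' method='post'><input name='user'></form>"
    "</body></html>"
)


def redirect(resp: Response, location: str) -> None:
    """Set a 302 redirect on the response. Like many web-framework redirect
    helpers, this only mutates the response object; it does NOT stop the handler."""
    resp.status = 302
    resp.headers["Location"] = location
    resp.body = f"Redirecting to {location}"


def admin_page_vulnerable(session: dict) -> Response:
    """EAR: the authorisation check redirects but forgets to return."""
    resp = Response()
    if not session.get("is_admin"):
        redirect(resp, "/login")  # BUG: missing return, the handler keeps running
    # Unauthorised users still reach this line, so the protected content is
    # appended to the body of the 302 and leaks to anyone who reads it.
    resp.body += ADMIN_REPORT
    return resp


def admin_page_fixed(session: dict) -> Response:
    """Same handler with the halt that the redirect needs."""
    resp = Response()
    if not session.get("is_admin"):
        redirect(resp, "/login")
        return resp  # nothing below runs for unauthorised users
    resp.body += ADMIN_REPORT
    return resp


# Black-box check used by the crawler side: a redirect normally carries at most a
# short canonical body ("Redirecting to ...", "The document has moved"). Substantive
# HTML in a 3xx body is the signal for a leaking EAR. The markers and threshold are
# assumptions of this example, not the paper's classification rules.
LEAK_MARKERS = re.compile(r"<(form|input|table|script|textarea)\b", re.I)
MAX_BENIGN_BODY = 512


def leaks_after_redirect(resp: Response) -> bool:
    """True if a redirect response carries application content in its body."""
    if not 300 <= resp.status < 400 or "Location" not in resp.headers:
        return False
    body = resp.body
    return len(body) > MAX_BENIGN_BODY or LEAK_MARKERS.search(body) is not None


if __name__ == "__main__":
    for name, handler in (("vulnerable", admin_page_vulnerable), ("fixed", admin_page_fixed)):
        resp = handler({})  # anonymous session
        print(f"{name}: status={resp.status} leaks={leaks_after_redirect(resp)}")
```

A crawler applying leaks_after_redirect needs the raw 3xx response, so redirects must not be followed automatically by the HTTP client; most libraries follow them by default and discard the redirect body.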

Original language: English (US)
Title of host publication: 28th Annual ACM Symposium on Applied Computing, SAC 2013
Pages: 1792-1799
Number of pages: 8
DOI: https://doi.org/10.1145/2480362.2480699
State: Published - May 27 2013
Event: 28th Annual ACM Symposium on Applied Computing, SAC 2013 - Coimbra, Portugal
Duration: Mar 18 2013 - Mar 22 2013

Publication series

Name: Proceedings of the ACM Symposium on Applied Computing


ASJC Scopus subject areas

  • Software

Cite this

Payet, P., Doupé, A., Kruegel, C., & Vigna, G. (2013). EARs in the wild: Large-scale analysis of Execution After Redirect Vulnerabilities. In 28th Annual ACM Symposium on Applied Computing, SAC 2013 (pp. 1792-1799). (Proceedings of the ACM Symposium on Applied Computing). https://doi.org/10.1145/2480362.2480699