JSON syntax hack allowed SQL injection payloads to be smuggled past WAFs

by | Dec 12, 2022 | News

JSON syntax to a SQL statement WAF bypass

Post Views: 628

Premium Content

Patreon

Subscribe to Patreon to watch this episode.

Reading Time: 3 Minutes

Security researchers have developed a technique that prevents web application firewalls (WAFs) from detecting SQL injection attacks.

 

Several leading vendors’ WAFs failed to support JSON syntax in their SQL injection inspection process, allowing security researchers from Claroty’s Team82 to “prepend JSON syntax to a SQL statement that blinded a WAF to the malicious code”.

The hack worked against WAFs from five leading vendors: Palo Alto Networks, Amazon Web Services, Cloudflare, F5, and Imperva.

All five have updated their products to support JSON syntax in their SQL injection inspection process, clearing the way for Claroty to publish a technical blog post detailing its research.

See Also: So you want to be a hacker?
Complete Offensive Security and Ethical Hacking Course

Prior to recent security updates, attackers using the JSON-based hack would have been able to bypass the WAF’s protection in attempts to exfiltrate data or mount other potential attacks.

 

“Major WAF vendors lacked JSON support in their products, despite it being supported by most database engines for a decade,” Claroty notes.

“We believe that other vendors’ products may be affected, and that reviews for JSON support should be carried out.”

JSON is a standard file and data exchange format, often used to exchange data between a server and a web application.

The generic WAF bypass was covered by Team82 during the course of unrelated research (specifically into Cambium Networks’ wireless device management platform) that was being thwarted by a web application firewall.

Trending: Exploit XSS Injections in a one-line powerful Technique

Trending: Offensive Security Tool: Pycrypt

IoT and OT processes that are monitored and managed from the cloud are most at risk from the issue, according to Claroty. “Organizations should ensure they’re running updated versions of security tools in order to block these bypass attempts,” it advised.

Trending: Kali Linux 2022.4 – New Release adds 6 new tools, Kali NetHunter Update, Azure

Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?

If you want to express your idea in an article contact us here for a quote: [email protected]

Source: portswigger.net

Source Link

Merch

Recent News

EXPLORE OUR STORE

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

Join our Community

Share This