Closed Hipapheralkus closed 3 years ago
Thanks for the report. I will look into this. IN the meantime you can disable the extension for certain tools using the Tools Scope panel.
@Hipapheralkus, When I saw your response string I immediately thought 'ReDoS'. However, I tested all of the detection regexes using SafeRegex and none of them were determined to be vulnerable. Have you added any custom detection patterns that are not in the match rules that come with the distribution?
With more testing I think I have narrowed it down to these expressions:
[A-Za-z\.]+\({1}+([A-Za-z0-9]+\s+[A-Za-z0-9]+(, )?)*\){1}+\s\+{1}+\d++
([A-Za-z]+[.])+[A-Za-z]*Exception:
I'm working to see if these can be simplified to have better performance.
Your immediate remedy is to remove those expressions (highlight and click Remove on the Errors tab). Both match rules are for ASP.Net so you won't lose any detection capability for other languages.
I noticed that sometimes the Intruder stops working, and Repeater response gets stuck for minutes at a time, with specialized HTTP responses (even though in the Logger++ the response is immediate). I found it it only happens, when Error Message Checks extension is enabled, it doesn't happen otherwise. Can you please have a look and improve this behavior? Thanks:) See the following response, which get's everything stuck: