toptal / haste-server

open source pastebin written in node.js
https://www.toptal.com/developers/hastebin/about

Insecure default: phonetic alphabet with keyLength=10 is brute-forcible #452

Closed JorianWoltjer closed 2 months ago

JorianWoltjer commented 3 months ago

I found that this software has a slight vulnerability by default. All files generated get a random ID like /oraxirinic.sh which looks pretty random but is fairly guessable when calculating the odds. The trick here is that by default, the "phonetic" generator is used with a length of 10, implemented here:

https://github.com/zneix/haste-server/blob/master/lib/key_generators/phonetic.js

It randomly chooses vowels or consonants based on whether the index is even or odd, causing a pattern like 1010101010 where 1 is a vowel, and 0 is a consonant. This significantly reduces the number of possibilities down to a brute-forcible range:

>>> len("aeiouy")**5 * len('bcdfghjklmnpqrstvwxyz')**5
31757969376  # requests
>>> (len("aeiouy")**5 * len('bcdfghjklmnpqrstvwxyz')**5) / (1000 * 60 * 60 * 24)
367.56909  # days

For a malicious actor trying at 1000 requests per second, they will be able to test every possible path in just a year, and likely find them earlier the more files exist or the faster they can request. Users may store sensitive things here and expect the paths not to be guessable. This can be worked around in the config.js file by setting keyLength higher or keyGenerator.type to a greater search space like "random" or "dictionary", but I think it is not a good idea to make the default configuration contain this risk.
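The following is an added example for readers evaluating this report; it is not code from haste-server or from the issue author. It models the alternating vowel/consonant scheme as the issue describes it (the alphabets "aeiouy" and "bcdfghjklmnpqrstvwxyz" are taken from the issue; that even positions hold vowels is an assumption inferred from the example key "oraxirinic"), computes the resulting key space and its entropy in bits, compares it with a uniform lowercase generator of the same length, and reports the keyLength at which each scheme reaches a chosen guessing-resistance floor. The function names and the 64-bit floor are choices made here, not project settings.

```python
import math
import secrets

# Alphabets as stated in the issue. Which parity holds vowels is an assumption
# taken from the example key "oraxirinic"; the key-space size is the same either way.
VOWELS = "aeiouy"
CONSONANTS = "bcdfghjklmnpqrstvwxyz"
LOWER = "abcdefghijklmnopqrstuvwxyz"


def phonetic_search_space(key_length: int) -> int:
    """Distinct keys an alternating vowel/consonant scheme can produce."""
    vowel_slots = (key_length + 1) // 2   # even indices 0, 2, 4, ...
    consonant_slots = key_length // 2     # odd indices 1, 3, 5, ...
    return len(VOWELS) ** vowel_slots * len(CONSONANTS) ** consonant_slots


def uniform_search_space(key_length: int, alphabet_size: int = len(LOWER)) -> int:
    """Distinct keys when every position is drawn uniformly from one alphabet."""
    return alphabet_size ** key_length


def entropy_bits(space: int) -> float:
    """Guessing entropy of a uniformly chosen key from a space of the given size."""
    return math.log2(space)


def days_to_exhaust(space: int, requests_per_second: float = 1000.0) -> float:
    """Wall-clock days to try every key at a fixed request rate (the issue's metric)."""
    return space / (requests_per_second * 60 * 60 * 24)


def model_phonetic_key(key_length: int) -> str:
    """Hypothetical generator following the pattern the issue describes.

    Not the project's implementation; it exists only to make the 1010... structure visible.
    """
    return "".join(
        secrets.choice(VOWELS if i % 2 == 0 else CONSONANTS) for i in range(key_length)
    )


def min_length_for_bits(target_bits: float, space_fn) -> int:
    """Smallest keyLength at which space_fn(keyLength) reaches target_bits of entropy."""
    n = 1
    while entropy_bits(space_fn(n)) < target_bits:
        n += 1
    return n


if __name__ == "__main__":
    for n in (10, 14, 20):
        p, u = phonetic_search_space(n), uniform_search_space(n)
        print(f"keyLength={n:2d}  phonetic: {entropy_bits(p):5.1f} bits, "
              f"{days_to_exhaust(p):12.1f} days @1000 rps | "
              f"uniform a-z: {entropy_bits(u):5.1f} bits")
    print("sample phonetic-style key:", model_phonetic_key(10))
    print("keyLength for >= 64 bits: phonetic",
          min_length_for_bits(64, phonetic_search_space),
          "uniform", min_length_for_bits(64, uniform_search_space))
```

Running it reproduces the issue's figures for keyLength=10 (about 3.18e10 keys, roughly 34.9 bits, about 367.6 days at 1000 requests per second) and shows that the same length drawn uniformly from a-z gives about 47 bits; with the 64-bit floor used here the alternating scheme needs keyLength 19 while a uniform lowercase generator needs 14. The practical takeaways for an operator are to treat keyLength and keyGenerator.type as security parameters rather than cosmetic ones, and to rate-limit or alert on high volumes of 404 responses for paste paths, since exhaustive guessing is only feasible at sustained request rates.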

github-actions[bot] commented 2 months ago

This issue is stale because it has been open for 30 days with no activity.

github-actions[bot] commented 2 months ago

This issue was closed because it has been inactive for 14 days since being marked as stale.