The query time is controllable by randomblob


Luis Ernesto Rodriguez

Jun 17, 2023, 5:02:59 PM
to OWASP ZAP User Group
Hello everyone
The query time is controllable using parameter value [case randomblob(100000000) when not null then 1 else 1 end ], which caused the request to take [44] milliseconds, parameter value [case randomblob(1000000000) when not null then 1 else 1 end ], which caused the request to take [50] milliseconds, when the original unmodified query with value [login] took [405] milliseconds.

I'm getting this issue when I scan my site. The thing is, what do I have to do to solve it?
What I do is, when the site identifies one of these patterns, it returns a 404 error.

thc...@gmail.com

Jun 20, 2023, 8:41:26 AM
to zaprox...@googlegroups.com
Hi.

Given just the 6ms difference and that the original request took 405ms I
think this is a false positive.

Resending the request associated with the alert should clarify that
(i.e. does it still take more time sending the second payload vs the
first). (The 404 might also be an indication of a FP.)

It is worth noting that the scan rules are being improved wrt the
time-based attacks, which should reduce the false positives.

Best regards.
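The replay check suggested in the reply, written out as an added example (not code from the thread or from ZAP): it resends the unmodified value and both randomblob payloads several times, interleaved, takes the median per payload, and only treats the alert as credible when the large blob is clearly slower than the original request and costs more than the smaller blob. The payload strings are the ones quoted in the alert; the URL, parameter name, thresholds and the offline `fake_sender` (which returns constructed timings instead of talking to a server) are assumptions to adapt.

```python
"""Replay a ZAP SQLite time-based injection alert to confirm or dismiss it.

Added example, not part of the original thread or of ZAP itself.  The
payload strings are the ones quoted in the alert; the URL, parameter name
and thresholds are assumptions you adapt to your target.  `fake_sender`
is a constructed stand-in so the script runs offline.
"""
import random
import statistics
import time
import urllib.error
import urllib.parse
import urllib.request
from typing import Callable, Dict, List

# Parameter values from the alert text.
BASELINE = "login"
PAYLOAD_SMALL = "case randomblob(100000000) when not null then 1 else 1 end"
PAYLOAD_LARGE = "case randomblob(1000000000) when not null then 1 else 1 end"
PAYLOADS = [BASELINE, PAYLOAD_SMALL, PAYLOAD_LARGE]


def http_sender(url: str, param: str, timeout: float = 60.0) -> Callable[[str], float]:
    """Build a sender that puts `value` in query parameter `param` of `url`
    and returns wall-clock time in milliseconds (assumed GET; adapt for POST)."""
    def send(value: str) -> float:
        full = f"{url}?{urllib.parse.urlencode({param: value})}"
        start = time.perf_counter()
        try:
            with urllib.request.urlopen(full, timeout=timeout) as resp:
                resp.read()
        except urllib.error.HTTPError as exc:
            # A 404 (as in the thread) means the app rejected the pattern before
            # any query ran: the sample then times the rejection path, not SQLite.
            exc.read()
        return (time.perf_counter() - start) * 1000.0
    return send


def fake_sender(cost_ms: Dict[str, float], seed: int = 1) -> Callable[[str], float]:
    """Constructed offline stand-in: fixed per-payload cost plus +/-20 ms jitter."""
    rng = random.Random(seed)
    return lambda value: cost_ms[value] + rng.uniform(-20.0, 20.0)


def sample_timings(send: Callable[[str], float], values: List[str],
                   repeats: int = 5) -> Dict[str, float]:
    """Send every value `repeats` times, interleaved so cache warm-up and
    network drift hit all payloads alike; return the median ms per value."""
    samples: Dict[str, List[float]] = {v: [] for v in values}
    for _ in range(repeats):
        for v in values:
            samples[v].append(send(v))
    return {v: statistics.median(s) for v, s in samples.items()}


def classify(medians: Dict[str, float], jitter_ms: float = 100.0,
             min_delay_ms: float = 1000.0) -> str:
    """Apply the reasoning from the reply: the alert only holds if the blob
    payload is clearly slower than the unmodified request, and the 10x larger
    blob costs more than the smaller one (the delay must track the payload)."""
    delay = medians[PAYLOAD_LARGE] - medians[BASELINE]
    scales = medians[PAYLOAD_LARGE] - medians[PAYLOAD_SMALL] >= jitter_ms
    if delay < jitter_ms:
        return "false positive"   # payloads no slower than the original request
    if delay >= min_delay_ms and scales:
        return "confirmed"
    return "inconclusive"         # some delay, but not the signature of randomblob


def demo() -> str:
    """Offline run with the numbers from the thread: 405 ms original,
    44 ms and 50 ms for the two payloads."""
    send = fake_sender({BASELINE: 405.0, PAYLOAD_SMALL: 44.0, PAYLOAD_LARGE: 50.0})
    return classify(sample_timings(send, PAYLOADS))


if __name__ == "__main__":
    print(demo())   # false positive
    # Against a real target (assumed URL and parameter name):
    # send = http_sender("https://example.test/search", "q")
    # print(classify(sample_timings(send, PAYLOADS)))
```

With the thread's own numbers the classifier returns "false positive", which matches the reply's reading: a payload that runs faster than the unmodified request is not controlling query time. Interleaving the sends matters; five baseline requests followed by five payload requests would let a warmed cache or a transient slowdown masquerade as a payload effect.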