Allowing long password leads to denial of service in polonel/trudesk in polonel/trudesk
May 15th 2022
Description The trudesk application allows to sending a very long password (10000000 characters) it's possible to cause a denial of service attack on the server. This may lead to the website becoming unavailable or unresponsive. Usually, this problem is caused by a vulnerable password hashing implementation. When a long password is sent, the password hashing process will result in CPU and memory exhaustion.
Proof of Concept
1.Go to https://docker.trudesk.io/profile paste the payload in Password parameter
2.Copy the payload from this link:- https://drive.google.com/file/d/1E3iqSQE4-t4dXpWQrDPHY7OcspHxYvYE/view?usp=sharing and paste on Password parameter
3.You will see that the application allows long password this can leads to Dos and can exploit as DDos
Video POC :- https://drive.google.com/file/d/1d_QV79hBqGN6GHSt5VLiranA6hO2q2W_/view?usp=sharing
This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.