Skip to content

Payloads All The Things

Regular Expression

Payloads All The Things

Payloads All The Things
CONTRIBUTING
API Key Leaks
API Key Leaks
- API Key Leaks
AWS Amazon Bucket S3
AWS Amazon Bucket S3
- Amazon Bucket S3 AWS
Account Takeover
Account Takeover
- Account Takeover
Argument Injection
Argument Injection
- Argument Injection
Business Logic Errors
Business Logic Errors
- Business Logic Errors
CICD
CICD
- CI/CD attacks
CORS Misconfiguration
CORS Misconfiguration
- CORS Misconfiguration
CRLF Injection
CRLF Injection
- Carriage Return Line Feed
CSRF Injection
CSRF Injection
- Cross-Site Request Forgery
CSV Injection
CSV Injection
- CSV Injection
CVE Exploits
CVE Exploits
- Common Vulnerabilities and Exposures
- CVE-2021-44228 Log4Shell
Clickjacking
Clickjacking
- Clickjacking: Web Application Security Vulnerability
Command Injection
Command Injection
- Command Injection
DNS Rebinding
DNS Rebinding
- DNS Rebinding
Dependency Confusion
Dependency Confusion
- Dependency Confusion
Directory Traversal
Directory Traversal
- Directory Traversal
Dom Clobbering
Dom Clobbering
- Dom Clobbering
File Inclusion
File Inclusion
- File Inclusion
Google Web Toolkit
Google Web Toolkit
- Google Web Toolkit
GraphQL Injection
GraphQL Injection
- GraphQL Injection
HTTP Parameter Pollution
HTTP Parameter Pollution
- HTTP Parameter Pollution
Hidden Parameters
Hidden Parameters
- HTTP Hidden Parameters
Insecure Deserialization
Insecure Deserialization
Insecure Direct Object References
Insecure Direct Object References
- Insecure Direct Object References
Insecure Management Interface
Insecure Management Interface
- Insecure Management Interface
Insecure Randomness
Insecure Randomness
- Insecure Randomness
Insecure Source Code Management
Insecure Source Code Management
- Insecure Source Code Management
JSON Web Token
JSON Web Token
- JWT - JSON Web Token
Java RMI
Java RMI
- Java RMI
Kubernetes
Kubernetes
- Kubernetes
LDAP Injection
LDAP Injection
- LDAP Injection
LaTeX Injection
LaTeX Injection
- LaTex Injection
Mass Assignment
Mass Assignment
- Mass Assignment
Methodology and Resources
Methodology and Resources
NoSQL Injection
NoSQL Injection
- NoSQL Injection
OAuth Misconfiguration
OAuth Misconfiguration
- OAuth Misconfiguration
Open Redirect
Open Redirect
- Open URL Redirection
Prompt Injection
Prompt Injection
- Prompt Injection
Prototype Pollution
Prototype Pollution
- Prototype Pollution
Race Condition
Race Condition
- Race Condition
Regular Expression
Regular Expression
- Regular Expression Regular Expression
  Table of contents
  - Denial of Service - ReDoS
    
    Evil Regex
  - References
Request Smuggling
Request Smuggling
- Request Smuggling
SAML Injection
SAML Injection
- SAML Injection
SQL Injection
SQL Injection
Server Side Include Injection
Server Side Include Injection
- Server Side Include Injection
Server Side Request Forgery
Server Side Request Forgery
- Server-Side Request Forgery
Server Side Template Injection
Server Side Template Injection
- Server Side Template Injection
Tabnabbing
Tabnabbing
- Tabnabbing
Type Juggling
Type Juggling
- Type Juggling
Upload Insecure Files
Upload Insecure Files
- Upload Insecure Files
- CVE Ffmpeg HLS
  CVE Ffmpeg HLS
  - FFmpeg HLS vulnerability
- Configuration Apache .htaccess
  Configuration Apache .htaccess
  - .htaccess upload
- Configuration Busybox httpd.conf
  Configuration Busybox httpd.conf
  - Index
- Configuration uwsgi.ini
  Configuration uwsgi.ini
  - uWSGI configuration file
- Extension Flash
  Extension Flash
  - Index
- Extension PDF JS
  Extension PDF JS
  - Generate PDF File Containing JavaScript Code
- Picture ImageMagick
  Picture ImageMagick
  - ImageMagick Exploits
- Zip Slip
  Zip Slip
  - Zip Slip
Web Cache Deception
Web Cache Deception
- Web Cache Deception
Web Sockets
Web Sockets
- Web Sockets
XPATH Injection
XPATH Injection
- XPATH Injection
XSLT Injection
XSLT Injection
- XSLT Injection
XSS Injection
XSS Injection
XXE Injection
XXE Injection
- XML External Entity
LEARNING AND SOCIALS
LEARNING AND SOCIALS
- Books
- Twitter
- Youtube
template vuln
template vuln
- Vulnerability Title

Regular Expression

Regular Expression Denial of Service (ReDoS) is a type of attack that exploits the fact that certain regular expressions can take an extremely long time to process, causing applications or services to become unresponsive or crash.

Denial of Service - ReDoS

tjenkinson/redos-detector - A CLI and library which tests with certainty if a regex pattern is safe from ReDoS attacks. Supported in the browser, Node and Deno.
doyensec/regexploit - Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)
devina.io/redos-checker - Examine regular expressions for potential Denial of Service vulnerabilities

Evil Regex

Evil Regex contains:

Grouping with repetition
Inside the repeated group:
- Repetition
- Alternation with overlapping

Examples

(a+)+
([a-zA-Z]+)*
(a|aa)+
(a|a?)+
(.*a){x} for x > 10

These regular expressions can be exploited with aaaaaaaaaaaaaaaaaaaaaaaa!

References