
[tl;dr sec] #174 - Mitigating SSRF in 2023, Isolation & Container Namespaces, Offensive AI Compilation

The challenges in mitigating SSRF and the best way to do it, how Linux namespaces provide isolation properties for containers, resources on attacking AI models / using it for offensive purposes.

Hey there,

I hope you’ve been doing well!

Lift-ed Spirits

Despite living within a few hours' drive of Tahoe for over a decade, I’d never been until recently.

It seems to be almost a rite of passage for Bay Area residents to do weekend pilgrimages to Tahoe to ski.

I managed to learn enough to go down a few runs that were quite fun, and retained most of my dignity, despite three-foot-tall young children (who haven’t yet learned to multiply) regularly zooming past me. And I only fell while waiting in line for the lift… twice.

Overall, would recommend 👍

Sponsor

 📢 Drata’s Compliance Trends Report 2023

74% of GRC teams aren't addressing known vulnerabilities for lack of bandwidth. This isn’t surprising when these same teams are spending over four thousand hours annually just to achieve or maintain compliance.

Fortunately, established and enterprise companies are shifting compliance from a burden to a business accelerator through processes that promote scalability and continuous compliance. If you’re interested in learning how, and want the latest on the current and future state of compliance, check out our 2023 Compliance Trends Report.

📜 In this newsletter...

  • AppSec: Tool to sync many repos from GitHub, Security Tools Can't Just Be Friction Free, The Importance of Influence in Security Engineering

  • Web Security: Abusing HTTP hop-by-hop request headers, SSRF Cross Protocol Redirect Bypass, Mitigating SSRF in 2023

  • Cloud Security: Easily run web apps on Lambda, tarball S3 objects without downloading them, download Lambda code and scan it for secrets, log in and retrieve AWS temporary creds using SAML IDP, the many ways to access DynamoDB

  • Infrastructure as Code: Tool to provision EC2 to run former2 for generating IaC from existing AWS resources, 20 Terraform Best Practices to Improve your TF workflow, VS Code extension to generate live Terraform graph as you code

  • Container Security: Forensic container analysis, container security fundamentals: isolation & namespaces

  • Red Team: Leveraging ssh-keygen for Arbitrary Execution (and Privilege Escalation)

  • Politics / Privacy: Leaving China

  • Machine Learning: Build a chatbot of your site's content, ChatGPT Emacs shell, CLI Swiss Army Knife for ChatGPT, Offensive AI Compilation, How GitLab is using ML, Toward Comprehensive Risk Assessments and Assurance of AI-Based Systems

  • Misc: What's up with Twitter's 2FA, Mark Curphey resigns from OWASP board

AppSec

fatih/starhook
Tool by Fatih Arslan to manage and sync a set of repositories (say hundreds) from a group of remote repositories to your local machine. Useful for security research across many codebases at once.

Security Tools Can’t Just Be Friction Free. Was SCA the Tipping Point?
Mark Curphey argues that it’s not enough for a security tool to be easy, stay out of developers’ way, and create no extra work; it also has to solve a problem developers already have. For SCA, that problem is upgrading dependencies with minimal friction, with security as a side benefit.

I started speaking to a number of engineering leaders that I trust and what I am learning is that frictionless security tools are now table stakes. If you aren’t friction free then you are stalled out of the gate, and it is no longer a differentiating factor in trials and sales.

The Importance of Influence in Security Engineering

I shifted my focus to work with the Execs and Engineering Leadership and this is when real change occurred. Those individual engineers were now given directives to fix vulnerabilities and security was prioritized against their other requests.

It is easier to align Engineering on Security initiatives when they have been sold the vision beforehand. People do not like surprises and are afraid of the unknown. If your partners understand the direction, they will be willing to walk that path. The bigger the org, the stronger and more frequent you need to sell your vision.

Sponsor

 📢 The Cloud Security Workflow Handbook

The Wiz research team surveyed security orgs at hyper-scaling enterprises to uncover how they’re adapting in 2023 and beyond. They packed their best-practices, frameworks, and templates into this playbook including:

  • A breakdown of the three pillars of the modern cloud security operating model best-in-class orgs are moving to.

  • A 4-step roadmap used by the fastest-growing companies to adapt to the new threat landscape.

  • Plus: Goals and KPI templates for your team to track based on maturity stage presented in a convenient cheat sheet.

Web Security

Abusing HTTP hop-by-hop request headers
Nathan Davison covers techniques that can be used to influence web systems and applications in unexpected ways, by abusing HTTP/1.1 hop-by-hop headers.
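An added illustration of the technique, not code from Nathan Davison’s post: a two-hop reverse proxy chain modelled in plain Python. The function names, the constructed request, and the assumption that the naive hop passes the Connection header through unchanged while honouring its tokens are all mine, chosen to show the failure mode in the smallest runnable form.

```python
# Added example, not code from Nathan Davison's post: a two-hop proxy chain
# that shows how a client-chosen Connection token can delete a header a
# trusted upstream proxy added, and a forwarding rule that avoids it.

# RFC 9110 / RFC 7230 hop-by-hop headers: consumed by each hop, never forwarded.
STANDARD_HOP_BY_HOP = {
    "connection", "keep-alive", "proxy-authenticate", "proxy-authorization",
    "te", "trailer", "transfer-encoding", "upgrade",
}


def connection_tokens(headers):
    """Lowercase header names listed in any Connection header."""
    names = set()
    for name, value in headers:
        if name.lower() == "connection":
            names.update(t.strip().lower() for t in value.split(",") if t.strip())
    return names


def forward_naive(headers):
    """A hop that honours every Connection token literally: it drops the
    standard set plus anything the previous hop listed, and passes the
    Connection header itself through unchanged (assumed behaviour, which
    some proxies exhibit)."""
    drop = (STANDARD_HOP_BY_HOP - {"connection"}) | connection_tokens(headers)
    return [(n, v) for n, v in headers if n.lower() not in drop]


def forward_hardened(headers):
    """A hop that drops only the standard set, Connection included, and
    emits a fresh Connection header of its own, so nothing the client wrote
    there reaches the next hop."""
    kept = [(n, v) for n, v in headers if n.lower() not in STANDARD_HOP_BY_HOP]
    kept.append(("Connection", "close"))
    return kept


def edge_proxy(peer_ip, headers, forward):
    """First hop: forward, discard any client-supplied X-Forwarded-For,
    then stamp the peer address it actually accepted the connection from."""
    out = [(n, v) for n, v in forward(headers) if n.lower() != "x-forwarded-for"]
    out.append(("X-Forwarded-For", peer_ip))
    return out


def backend_client_ip(headers):
    """What the application believes the client address is."""
    for name, value in headers:
        if name.lower() == "x-forwarded-for":
            return value
    return None  # an allowlist that treats 'missing' as 'internal' fails open here


# Constructed request from 203.0.113.7 naming X-Forwarded-For as hop-by-hop.
ATTACKER_REQUEST = [
    ("Host", "app.internal"),
    ("Connection", "keep-alive, X-Forwarded-For"),
    ("X-Forwarded-For", "10.0.0.5"),  # plain spoof; the edge strips it regardless
]


def simulate(forward):
    """Client -> edge proxy -> inner proxy -> backend, using `forward` at each hop."""
    at_inner = edge_proxy("203.0.113.7", ATTACKER_REQUEST, forward)
    at_backend = forward(at_inner)
    return backend_client_ip(at_backend)


if __name__ == "__main__":
    print("naive inner hop, backend sees client as:", simulate(forward_naive))
    print("hardened inner hop, backend sees client as:", simulate(forward_hardened))
```

With the naive hop the backend never sees the X-Forwarded-For the edge stamped, because the inner proxy obeyed the attacker’s Connection token and removed it; with the hardened hop the edge’s value survives. The backend-side lesson is the same either way: treat a missing security header as a reason to reject, not as proof the request came from inside.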

SSRF Cross Protocol Redirect Bypass
Doyensec’s Szymon Drosdzol describes finding a bypass in the SSRF filter for the popular Node.js request library, as well as a subtle issue in axios. He’s released a Semgrep rule to find axios misconfigurations.

Mitigating SSRF in 2023
Great overview by Include Security’s Laurence Tennant of the challenges in effectively preventing SSRF, and the pros/cons of a number of approaches: allowlisting or blocklisting, secure by default libraries, SSRF jail, network controls, request proxy. Recommendations:

  • Mature orgs: use the request proxying approach (e.g. Stripe’s Smokescreen), and zero-trust security architectures that require authentication for internal HTTP services.

  • For companies that don’t yet have resources to set up detailed network controls or maintain their own proxy infrastructure, an anti-SSRF application library applied on any endpoints that accept attacker-controlled input is a good initial mitigation.
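An added example serving both the redirect bypass above and the mitigation overview, not code from Include Security, Doyensec, or any library they discuss: an application-level SSRF check of the kind the second recommendation calls for. It validates scheme and host, resolves the name and rejects every returned address that falls in an internal range (including IPv4-mapped IPv6), returns a pinned address for the caller to connect to, and re-vets each redirect hop while refusing any change of protocol. The function names, the injected resolver, and the DNS and redirect tables are assumptions constructed so it runs offline.

```python
# Added example, not code from either article: vet an outbound fetch target by
# resolving it, rejecting internal ranges for every address returned, pinning
# the connection to the vetted address, and re-checking each redirect hop
# without allowing a change of protocol.
import ipaddress
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
# Ranges an outbound fetcher should never reach (cloud metadata at
# 169.254.169.254 and the IPv6 loopback/link-local forms are inside these).
DENIED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4",
    "::/128", "::1/128", "fc00::/7", "fe80::/10", "ff00::/8")]


class SSRFBlocked(ValueError):
    """Raised for any target the fetcher must not contact."""


def address_allowed(ip_text):
    addr = ipaddress.ip_address(ip_text)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped  # ::ffff:10.0.0.1 is 10.0.0.1 on the wire
    return not any(addr in net for net in DENIED_NETWORKS)


def vet_url(url, resolve):
    """Return (scheme, host, port, pinned_ip) or raise SSRFBlocked.
    resolve(host) -> list of address strings is injected so this runs offline
    (wrap socket.getaddrinfo in production). Every address must pass: a name
    the attacker controls can return one public and one internal record, and
    short forms such as 127.1 or 0x7f000001 only become 127.0.0.1 once the
    resolver expands them, so the check runs on resolver output, not the URL.
    """
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise SSRFBlocked(f"scheme not allowed: {parts.scheme!r}")
    if not parts.hostname or parts.username or parts.password:
        raise SSRFBlocked("missing host, or credentials embedded in URL")
    try:
        addresses = [str(ipaddress.ip_address(parts.hostname))]  # literal IP
    except ValueError:
        addresses = list(resolve(parts.hostname))
    if not addresses:
        raise SSRFBlocked(f"{parts.hostname} did not resolve")
    for ip in addresses:
        if not address_allowed(ip):
            raise SSRFBlocked(f"{parts.hostname} maps to denied address {ip}")
    port = parts.port or (443 if scheme == "https" else 80)
    # The caller connects to pinned_ip (never re-resolving the name) and sends
    # Host: parts.hostname, which closes the DNS-rebinding window between
    # this check and connect().
    return scheme, parts.hostname, port, addresses[0]


def blocked_reason(url, resolve):
    """None if the URL is acceptable, otherwise why it was blocked."""
    try:
        vet_url(url, resolve)
    except SSRFBlocked as exc:
        return str(exc)
    return None


def follow_redirects(url, resolve, fetch, max_hops=5):
    """Follow redirects one hop at a time, vetting every Location.
    fetch(scheme, host, port, pinned_ip, path) -> (status, location) is the
    caller's transport with automatic redirects turned off; a library that
    follows them itself skips this check on every hop after the first.
    """
    for _ in range(max_hops):
        scheme, host, port, ip = vet_url(url, resolve)
        status, location = fetch(scheme, host, port, ip, urlsplit(url).path or "/")
        if status not in (301, 302, 303, 307, 308):
            return url
        if not location or urlsplit(location).scheme.lower() != scheme:
            raise SSRFBlocked(f"redirect changed protocol: {url} -> {location!r}")
        url = location
    raise SSRFBlocked("too many redirects")


# Constructed DNS answers and redirect responses so the example runs offline.
FAKE_DNS = {"public.example": ["93.184.216.34"],
            "rebind.example": ["93.184.216.34", "10.0.0.8"]}
FAKE_REDIRECTS = {
    ("public.example", "/start"): (302, "http://public.example/final"),
    ("public.example", "/to-metadata"): (302, "http://169.254.169.254/latest/meta-data/"),
    ("public.example", "/to-gopher"): (302, "gopher://public.example:70/_stats")}


def fake_resolve(host):
    return FAKE_DNS.get(host, [])


def fake_fetch(scheme, host, port, ip, path):
    return FAKE_REDIRECTS.get((host, path), (200, None))
```

The strict "no protocol change on redirect" rule also refuses an https-to-http downgrade; relax it to permit an http-to-https upgrade only if the fetcher needs that. Everything here is still a blocklist on addresses, which is why the article ranks it below a proxy such as Smokescreen plus authentication on internal services: the list has to be kept complete, and the pinning discipline has to be followed by every caller.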

Cloud Security

awslabs/aws-lambda-web-adapter
A tool to build web apps with familiar frameworks (Express.js, Next.js, Flask, SpringBoot, Laravel, or anything that speaks HTTP/1.0 or 1.1) and run them on AWS Lambda without rewriting them for the Lambda event format.

awslabs/amazon-s3-tar-tool
A utility tool to create a tarball of existing objects in S3 without having to download the files.

StateFarmIns/LambdaLooter
A Python tool for AWS Lambda code analysis: takes a list of profiles, scans through them, downloads the code you have access to, and then processes that code for secrets.

Versent/saml2aws
By Versent: a CLI tool that lets you log in and retrieve AWS temporary credentials using a SAML IdP.

The Many Ways to Access DynamoDB
Sym’s Mathew Pregasen discusses the many ways to restrict access to a DynamoDB table at both a framework and implementation level, utilizing patterns and tools such as RBAC, IAM, Terraform, Retool, and Sym.

Infrastructure as Code

aws-samples/ec2-former2
Provisions an EC2 web instance running former2 for generating IaC scripts from existing AWS resources.

20 Terraform Best Practices to Improve your TF workflow
Various engineering (not security) best practices.

adamiBs/vscode-terraform-live-graph
A VS Code extension by Ben Shmuel that allows you to generate a live Terraform graph as you code.

Container Security

Forensic container analysis
In Kubernetes, it is possible to create a checkpoint of a running container without stopping the container and without the container knowing that it was checkpointed. Red Hat’s Adrian Reber describes how to analyze a checkpoint using tools like checkpointctl, tar, crit and gdb.

Container security fundamentals part 2: Isolation & namespaces
Datadog’s Rory McCune describes how Linux namespaces provide fine-grained isolation of a container’s view of the host’s resources in a number of ways, and walks through useful tools in exploring how they work. Linux currently supports eight namespaces: Mount, PID, Network, Cgroup, IPC, Time, UTS, and User.
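An added example, not code from Rory McCune’s article: the namespace membership the article describes is visible as symlinks under /proc/<pid>/ns, one per namespace, whose target encodes the namespace’s inode. Two processes are in the same namespace exactly when those inodes match, which is what lsns and nsenter work from. The script below reads those links for a process, compares them with a reference process, and checks /proc/<pid>/uid_map to tell the initial user namespace from a remapped one. Function names and the sample uid_map line are mine; the code only returns something useful on Linux and empty results elsewhere.

```python
# Added example, not code from the article: read the namespace identities the
# kernel exposes as symlinks under /proc/<pid>/ns and report which of the eight
# namespaces a process shares with a reference process (pid 1 by default).
import os
import re

NAMESPACES = ("mnt", "pid", "net", "cgroup", "ipc", "time", "uts", "user")
NS_LINK = re.compile(r"^(?P<kind>[a-z_]+):\[(?P<inode>\d+)\]$")


def parse_ns_link(target):
    """'net:[4026531840]' -> ('net', 4026531840); None if not a namespace link."""
    m = NS_LINK.match(target)
    return (m.group("kind"), int(m.group("inode"))) if m else None


def namespace_ids(pid="self"):
    """Map namespace name -> inode for `pid` (an int, or "self").
    Entries are omitted when the kernel lacks that namespace (time needs
    5.6+) or the link is unreadable (reading another user's /proc/<pid>/ns
    needs ptrace access to that process). On non-Linux hosts the result is
    empty, because /proc/<pid>/ns does not exist.
    """
    ids = {}
    for kind in NAMESPACES:
        try:
            parsed = parse_ns_link(os.readlink(f"/proc/{pid}/ns/{kind}"))
        except OSError:
            continue
        if parsed:
            ids[kind] = parsed[1]
    return ids


def shared_namespaces(pid="self", ref_pid=1):
    """Names of namespaces in which `pid` and `ref_pid` have the same identity."""
    mine, ref = namespace_ids(pid), namespace_ids(ref_pid)
    return sorted(k for k in mine if k in ref and mine[k] == ref[k])


def parse_uid_map(text):
    """Parse /proc/<pid>/uid_map lines into (inside_start, outside_start, count)."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 3:
            rows.append(tuple(int(f) for f in fields))
    return rows


def is_initial_user_namespace(uid_map_rows):
    """The initial user namespace maps the whole uid range 0 -> 0; a
    remapped container or an unprivileged `unshare -U` has a narrower map."""
    return uid_map_rows == [(0, 0, 4294967295)]


def isolation_report(pid="self", ref_pid=1):
    """Per-namespace 'shared'/'separate' verdict for `pid` against `ref_pid`,
    plus whether `pid` sits in the initial user namespace."""
    shared = set(shared_namespaces(pid, ref_pid))
    report = {kind: ("shared" if kind in shared else "separate")
              for kind in namespace_ids(pid)}
    try:
        with open(f"/proc/{pid}/uid_map") as f:
            report["initial_user_ns"] = is_initial_user_namespace(parse_uid_map(f.read()))
    except OSError:
        pass
    return report


if __name__ == "__main__":
    for kind, verdict in isolation_report().items():
        print(f"{kind:16} {verdict}")
```

Run inside a container, pid 1 is the container’s own init, so everything reports as shared; the informative comparison is from the host, passing the container process’s host-side pid and the host’s pid 1, where a `--net=host` or `--pid=host` container shows up as sharing exactly that namespace. The uid_map check is the quick way to see whether a root shell inside the container is also root in the initial user namespace.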

Red Team

Leveraging ssh-keygen for Arbitrary Execution (and Privilege Escalation)
Sean Pesce describes how the ssh-keygen command can be made to load an arbitrary shared library (as a PKCS#11 provider) with the -D flag, which can be used for privilege escalation, or to turn primitives like argument injection or file overwrites into arbitrary code execution.

Politics / Privacy

Leaving China
Why expatriates like Blake Stone-Banks abandoned the futures they planned in China.

The topic of war between America and China had come up with increasing frequency over the past year, often in business contexts, often when I was the only American in the room. No one knew what that would look like, and no one wanted to know.

Foreigners returning to China or moving into China for the first time will find a vastly different landscape than that prior to Covid. China’s leadership has made clear that they will prioritize unification and Party integrity over the economy and the well-being of their people.

Where expatriates of the past decades were drawn by the possibilities of China’s growing openness, the new generation will live under tightening restrictions and greater uncertainty.

Machine Learning

mpaepper/content-chatbot
Build a chatbot or Q&A bot of your website’s content.

A ChatGPT Emacs shell
A wrapper around ChatGPT that you can interact with directly from Emacs.

mpoon/gpt-repository-loader
Convert code repos into an LLM prompt-friendly format, so a model can process a repo’s contents for tasks such as code review or documentation generation.

npiv/chatblade
A CLI Swiss Army Knife for ChatGPT. It accepts piped input, arguments, or both, and allows you to save common prompt preambles for quick usage. Also provides utility methods to extract JSON or Markdown from ChatGPT responses.

jiep/offensive-ai-compilation
Great list of useful resources on attacking AI models and using AI for offensive purposes (pentesting, malware, OSINT, phishing, generative AI, etc.) by José Escribano and Miguel Boza.

What the ML is up with DevSecOps and AI?
All filler no killer post by GitLab on how they’re using ML: currently for suggested reviewers and code suggestions (that thing GitHub Copilot/OpenAI Codex have been doing for a while), neither of which is about security, despite the post title 🤔 I think there will be some promising work here, and I’m not trying to be negative about the author or GitLab, but some of the article’s text feels a bit cringe.

As the creators of the DevSecOps platform category, we are the founders behind a successful philosophy for bringing DevSecOps principles into practice… our platform also has an unrivaled level of visibility… It is in the rich data set underpinning that curated experience where unbounded opportunity lurks.


Toward Comprehensive Risk Assessments and Assurance of AI-Based Systems
Paper by Trail of Bits’s Heidy Khlaaf that proposes a novel, end-to-end AI risk framework that incorporates the concept of an Operational Design Domain (ODD), which can better outline the hazards and harms a system can potentially have. Trail of Bits has also launched a practice focused on machine learning and AI.

Misc

Much ado about Twitter: What’s going on with 2FA?
Tall Poppy breaks down Twitter’s recent changes, what they mean for your security, and what you should do about it. In short: you’ll need a paid Twitter Blue account to keep using SMS 2FA, but you should use a YubiKey or an authenticator app instead.

At yesterday’s OWASP board of Directors meeting, I resigned my board position.
Mark Curphey plans to instead pursue a more “centrally-funded, centrally-organised community that can attract and generate funding to invest in a focused, planned and coordinated set of sustainably high quality projects. That is a fundamentally different type of community with a different governance model, different funding model, different operating model, …”

✉️ Wrapping Up 

Have questions, comments, or feedback? Just reply directly, I'd love to hear from you.

If you find this newsletter useful and know other people who would too, I'd really appreciate if you'd forward it to them 🙏

Thanks for reading!

Cheers,

Clint