[tl;dr sec] #174 - Mitigating SSRF in 2023, Isolation & Container Namespaces, Offensive AI Compilation
The challenges in mitigating SSRF and the best way to do it, how Linux namespaces provide isolation properties for containers, resources on attacking AI models / using it for offensive purposes.
I hope you’ve been doing well!
Despite living within a few-hour drive of Tahoe for over a decade, I’d never been until recently.
It seems to be almost a rite of passage for Bay Area residents to do weekend pilgrimages to Tahoe to ski.
I managed to learn enough to go down a few runs that were quite fun, and retained most of my dignity, despite three-foot-tall young children (who haven’t yet learned to multiply) regularly zooming past me. And I only fell while waiting in line for the lift… twice.
Overall, would recommend 👍
📢 Drata’s Compliance Trends Report 2023
74% of GRC teams aren't addressing known vulnerabilities for lack of bandwidth. This isn’t surprising when these same teams are spending over four thousand hours annually just to achieve or maintain compliance.
Fortunately, established and enterprise companies are shifting compliance from a burden to a business accelerator through processes that promote scalability and continuous compliance. If you’re interested to learn how and get the latest on the current and future state of compliance, check out our 2023 Compliance Trends Report.
📜 In this newsletter...
AppSec: Tool to sync many repos from GitHub, Security Tools Can't Just Be Friction Free, The Importance of Influence in Security Engineering
Web Security: Abusing HTTP hop-by-hop request headers, SSRF Cross Protocol Redirect Bypass, Mitigating SSRF in 2023
Cloud Security: Easily run web apps on Lambda, tarball S3 objects without downloading them, download Lambda code and scan it for secrets, log in and retrieve AWS temporary creds using SAML IDP, the many ways to access DynamoDB
Infrastructure as Code: Tool to provision EC2 to run former2 for generating IaC from existing AWS resources, 20 Terraform Best Practices to Improve your TF workflow, VS Code extension to generate live Terraform graph as you code
Container Security: Forensic container analysis, container security fundamentals: isolation & namespaces
Red Team: Leveraging ssh-keygen for Arbitrary Execution (and Privilege Escalation)
Politics / Privacy: Leaving China
Machine Learning: Build a chatbot of your site's content, ChatGPT Emacs shell, CLI Swiss Army Knife for ChatGPT, Offensive AI Compilation, How GitLab is using ML, Toward Comprehensive Risk Assessments and Assurance of AI-Based Systems
Misc: What's up with Twitter's 2FA, Mark Curphey resigns from OWASP board
Security Tools Can’t Just Be Friction Free. Was SCA the Tipping Point?
Mark Curphey argues that it’s not enough for a security tool to make the right (security) thing easy, stay out of developers’ way, and add no extra work: it also has to solve a problem developers already have. For SCA, that problem is upgrading dependencies; a tool that makes upgrades low-friction gets adopted, with security as a side benefit.
📢 The Cloud Security Workflow Handbook
The Wiz research team surveyed security orgs at hyper-scaling enterprises to uncover how they’re adapting in 2023 and beyond. They packed their best-practices, frameworks, and templates into this playbook including:
A breakdown of the three pillars of the modern cloud security operating model that best-in-class orgs are moving to.
A 4-step roadmap used by the fastest-growing companies to adapt to the new threat landscape.
Plus: Goals and KPI templates for your team to track based on maturity stage presented in a convenient cheat sheet.
SSRF Cross Protocol Redirect Bypass
Doyensec’s Szymon Drosdzol describes finding a bypass in the SSRF filter of the popular `request` library, where a redirect to a different protocol escaped the check, as well as a subtle issue in axios. He’s released a Semgrep rule to find axios misconfigurations.
Mitigating SSRF in 2023
Great overview by Include Security’s Laurence Tennant of the challenges in effectively preventing SSRF, and the pros/cons of a number of approaches: allowlisting or blocklisting destinations, secure-by-default HTTP libraries, an SSRF “jail” that resolves and validates the destination before connecting, network controls, and a dedicated egress request proxy. Recommendations:
Mature orgs: use the request proxying approach (e.g. Stripe’s Smokescreen), combined with a zero-trust architecture in which internal HTTP services require authentication, so that reaching them is not enough.
For companies that don’t yet have the resources to set up detailed network controls or maintain their own proxy infrastructure, an anti-SSRF application library applied to every endpoint that fetches attacker-controlled URLs is a good initial mitigation.
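The two SSRF items above share one practitioner lesson: a destination check has to run on every hop, not just the first URL, and it has to pin the resolved IP rather than re-resolve at connect time. The following is an added example of such an application-level anti-SSRF check, written for this newsletter; it is not code from either article, from Smokescreen, or from the `request`/axios libraries. The resolver and fetcher are injected so it runs offline; the hostnames, IPs and HTTP responses are constructed sample data, and 93.184.216.34 merely stands in for a public address.

```python
"""Added example: anti-SSRF destination validation re-applied on every redirect hop.
Not code from the article or from any library it mentions; resolver and fetcher are
injectable so the example runs offline against constructed data."""
import ipaddress
from typing import Callable, Iterable, Optional, Tuple
from urllib.parse import urljoin, urlsplit

ALLOWED_SCHEMES = {"http", "https"}
REDIRECT_STATUSES = {301, 302, 303, 307, 308}
MAX_REDIRECTS = 5
# Shared address space (RFC 6598) is not flagged by ipaddress.is_private; block it explicitly.
EXTRA_BLOCKED = [ipaddress.ip_network("100.64.0.0/10")]

Resolver = Callable[[str], Iterable[str]]                   # hostname -> IP strings
Fetcher = Callable[[str, str], Tuple[int, Optional[str]]]   # (url, pinned_ip) -> (status, Location)


class SSRFBlocked(Exception):
    """Raised when a URL, or any redirect it leads to, targets a disallowed destination."""


def is_forbidden_ip(ip_str: str) -> bool:
    """True for loopback, RFC 1918, link-local (incl. 169.254.169.254 metadata), multicast,
    reserved and unspecified addresses, after unwrapping IPv4-mapped IPv6 (::ffff:a.b.c.d)."""
    ip = ipaddress.ip_address(ip_str)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    if any(ip in net for net in EXTRA_BLOCKED):
        return True
    return (ip.is_loopback or ip.is_private or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def check_destination(url: str, resolve: Resolver) -> str:
    """Validate scheme, userinfo and host, resolve the host, and return the IP the
    request must be pinned to (connect to this IP, send the original Host header)."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise SSRFBlocked(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise SSRFBlocked("userinfo in URL")
    host = parts.hostname
    if not host:
        raise SSRFBlocked("missing host")
    try:
        addrs = [str(ipaddress.ip_address(host))]   # IP literal: nothing to resolve
    except ValueError:
        addrs = list(resolve(host))
    if not addrs:
        raise SSRFBlocked(f"unresolvable host: {host!r}")
    # Reject if *any* answer is internal; mixed answers are a DNS rebinding pattern.
    for addr in addrs:
        if is_forbidden_ip(addr):
            raise SSRFBlocked(f"{host!r} resolves to blocked address {addr}")
    return addrs[0]


def fetch_with_redirects(url: str, fetch: Fetcher, resolve: Resolver,
                         max_redirects: int = MAX_REDIRECTS) -> Tuple[int, str]:
    """Follow redirects manually so every hop (including a change of scheme or host)
    goes through check_destination; returns (final status, final URL)."""
    current = url
    for _ in range(max_redirects + 1):
        pinned_ip = check_destination(current, resolve)
        status, location = fetch(current, pinned_ip)
        if status not in REDIRECT_STATUSES or location is None:
            return status, current
        current = urljoin(current, location)   # relative Location is resolved, then re-checked
    raise SSRFBlocked("too many redirects")


# Constructed sample data (no real hosts): 93.184.216.34 stands in for a public address.
FAKE_DNS = {"public.example": ["93.184.216.34"], "internal.corp": ["10.0.0.5"],
            "rebind.example": ["93.184.216.34", "127.0.0.1"]}
FAKE_HTTP = {
    "http://public.example/ok": (200, None),
    # Redirect to the cloud metadata endpoint: missed by a check that only sees the first URL.
    "http://public.example/report": (302, "http://169.254.169.254/latest/meta-data/"),
    # Cross-protocol redirect: the scheme allowlist must apply to every hop too.
    "https://public.example/ftp": (302, "ftp://public.example/pub"),
}


def fake_resolve(host: str):
    return FAKE_DNS.get(host, [])


def fake_fetch(url: str, pinned_ip: str):
    return FAKE_HTTP.get(url, (404, None))


def demo(url: str):
    """Run a URL through the guarded fetcher; returns (status, final_url) or ('blocked', reason)."""
    try:
        return fetch_with_redirects(url, fake_fetch, fake_resolve)
    except SSRFBlocked as exc:
        return ("blocked", str(exc))


if __name__ == "__main__":
    for u in ("http://public.example/ok", "http://public.example/report",
              "https://public.example/ftp", "http://rebind.example/", "http://[::ffff:10.0.0.5]/"):
        print(u, "->", demo(u))
```

In a real service the `fetch` callable would open the socket to `pinned_ip` while still sending `Host: public.example` (and, for HTTPS, using the hostname for SNI and certificate validation), because letting the HTTP client re-resolve the name is exactly the window a short-TTL rebinding attack uses. This check says nothing about ports, so it does not replace the network-level controls and egress proxy the article recommends for mature orgs.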
A tool to easily build web apps with familiar frameworks (e.g. Express.js, Next.js, Flask, Spring Boot, Laravel, or anything that speaks HTTP/1.1 or HTTP/1.0) and run them on AWS Lambda.
A utility tool to create a tarball of existing objects in S3 without having to download the files.
A Python tool for AWS Lambda code analysis: given a list of AWS profiles, it iterates through them, downloads the Lambda function code you have access to, and then scans that code for secrets.
The Many Ways to Access DynamoDB
Sym’s Mathew Pregasen discusses the many ways to restrict access to a DynamoDB table at both a framework and implementation level, utilizing patterns and tools such as RBAC, IAM, Terraform, Retool, and Sym.
Infrastructure as Code
Provisions an EC2 web instance running former2 for generating IaC scripts from existing AWS resources.
20 Terraform Best Practices to Improve your TF workflow
Various engineering (not security) best practices.
Forensic container analysis
In Kubernetes, it is possible to create a checkpoint of a running container without stopping the container and without the container knowing that it was checkpointed. Red Hat’s Adrian Reber describes how to analyze a checkpoint using tools like checkpointctl, tar, crit and gdb.
Container security fundamentals part 2: Isolation & namespaces
Datadog’s Rory McCune describes how Linux namespaces give a container its own restricted view of host resources, one resource type at a time, and walks through useful tools for exploring how they work. Linux currently supports eight namespace types: mount, PID, network, cgroup, IPC, time, UTS, and user. Two processes share a namespace exactly when the corresponding entries under /proc/<pid>/ns/ point at the same inode, which is also how you spot a container that was started sharing the host’s network or PID namespace.
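As an added example (not code from the Datadog post), the following Python reads a process’s namespace memberships from /proc/<pid>/ns and compares two processes, which is the check you run to find out whether a container is actually isolated from the host in each of the eight namespace types. The inode numbers and the two sample processes are constructed; the live self-check only does anything on Linux.

```python
"""Added example: inspect which Linux namespaces a process is in, via /proc/<pid>/ns,
and compare two processes to spot namespaces a container shares with the host.
Not code from the article; the inode numbers below are constructed sample data."""
import os
import re
from typing import Dict, List, Optional, Tuple

# The eight namespace types the article lists, by their /proc/<pid>/ns entry names.
NS_TYPES = ("mnt", "pid", "net", "cgroup", "ipc", "time", "uts", "user")
_NS_LINK = re.compile(r"^(?P<type>[a-z_]+):\[(?P<inode>\d+)\]$")


def parse_ns_link(link: str) -> Tuple[str, int]:
    """Parse a readlink() result such as 'net:[4026531992]' into ('net', 4026531992).
    Two processes are in the same namespace exactly when the inode numbers match."""
    m = _NS_LINK.match(link)
    if not m:
        raise ValueError(f"not a namespace link: {link!r}")
    return m.group("type"), int(m.group("inode"))


def read_namespaces(pid: int, proc: str = "/proc") -> Dict[str, int]:
    """Return {type: inode} for a live process. Types missing on the running kernel
    (e.g. 'time' before Linux 5.6) are skipped; reading another pid needs ptrace permission."""
    result: Dict[str, int] = {}
    for ns_type in NS_TYPES:
        path = os.path.join(proc, str(pid), "ns", ns_type)
        try:
            _, inode = parse_ns_link(os.readlink(path))
        except (FileNotFoundError, PermissionError):
            continue
        result[ns_type] = inode
    return result


def shared_namespaces(a: Dict[str, int], b: Dict[str, int]) -> List[str]:
    """Namespace types in which a and b have the same inode, i.e. are NOT isolated from each other."""
    return sorted(t for t in NS_TYPES if t in a and t in b and a[t] == b[t])


def isolation_gaps(container: Dict[str, int], host: Dict[str, int]) -> List[str]:
    """Namespaces a containerised process shares with the host's init (pid 1).
    'user' shows up for most runtimes, which do not enable user namespaces by default, and
    'time' is normally inherited; net, pid, ipc, uts or mnt here means a hostNetwork/hostPID-style
    configuration and deserves a closer look."""
    return shared_namespaces(container, host)


def live_self_check() -> Optional[bool]:
    """On Linux, a process trivially shares every namespace with itself; None elsewhere."""
    if not os.path.isdir("/proc/self/ns"):
        return None
    mine = read_namespaces(os.getpid())
    return shared_namespaces(mine, mine) == sorted(mine)


# Constructed sample: inode numbers in the 4026531xxx range mimic real kernels; the
# "container" has its own mnt/pid/ipc/uts/cgroup but shares net, user and time with pid 1.
HOST_INIT = {"mnt": 4026531840, "pid": 4026531836, "net": 4026531992, "cgroup": 4026531835,
             "ipc": 4026531839, "time": 4026531834, "uts": 4026531838, "user": 4026531837}
CONTAINER = {"mnt": 4026532456, "pid": 4026532459, "net": 4026531992, "cgroup": 4026532461,
             "ipc": 4026532457, "time": 4026531834, "uts": 4026532458, "user": 4026531837}

if __name__ == "__main__":
    print("shares with host:", isolation_gaps(CONTAINER, HOST_INIT))   # ['net', 'time', 'user']
    print("live self-check:", live_self_check())
```

Run `read_namespaces(1)` from inside a container against `read_namespaces(os.getpid())` (with `/proc` of the host mounted, or via `nsenter`) to get the real version of the constructed comparison; `lsns` on the host shows the same inode numbers and which processes sit in each namespace.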
Leveraging ssh-keygen for Arbitrary Execution (and Privilege Escalation)
Sean Pesce describes how ssh-keygen’s -D flag, which loads a PKCS#11 provider as a shared library, can be pointed at an attacker-supplied library so that code in it runs when ssh-keygen loads it. That turns primitives such as argument injection or an arbitrary file write into arbitrary code execution, and into privilege escalation wherever ssh-keygen runs with elevated rights (e.g. via a sudo rule).
Politics / Privacy
Why expatriates like Blake Stone-Banks abandoned the futures they planned in China.
Build a chatbot or Q&A bot of your website’s content.
A ChatGPT Emacs shell
A wrapper around ChatGPT that you can interact with directly from Emacs.
Convert code repos into an LLM prompt-friendly format, so a model can process the repo’s contents for tasks such as code review or documentation generation.
A CLI Swiss Army Knife for ChatGPT. It accepts piped input, arguments, or both, and allows you to save common prompt preambles for quick usage. Also provides utility methods to extract JSON or Markdown from ChatGPT responses.
Great list of useful resources on attacking AI models and using AI for offensive purposes (pentesting, malware, OSINT, phishing, generative AI, etc.) by José Escribano and Miguel Boza.
What the ML is up with DevSecOps and AI?
All filler no killer post by GitLab on how they’re using ML: currently for suggested reviewers and code suggestions (that thing GitHub Copilot/OpenAI Codex have been doing for a while), neither of which are about security, despite the post title 🤔 I think there will be some promising work here, and I’m not trying to be negative about the author or GitLab, but some of the article’s text feels a bit cringe.
Toward Comprehensive Risk Assessments and Assurance of AI-Based Systems
Paper by Trail of Bits’ Heidy Khlaaf that proposes a novel, end-to-end AI risk framework incorporating the concept of an Operational Design Domain (ODD), which better delineates the hazards and harms a system can potentially cause. Trail of Bits has also launched a practice focused on machine learning and AI.
Much ado about Twitter: What’s going on with 2FA?
Tall Poppy breaks down Twitter’s recent changes, what they mean for your security, and what you should do about it. In short: you’ll need a paid Twitter Blue account to keep using SMS 2FA, but you should switch to a YubiKey or an authenticator app instead, since SMS is the weakest of the three options anyway.
At yesterday’s OWASP Board of Directors meeting, I resigned my board position.
Mark Curphey plans to instead pursue a more “centrally-funded, centrally-organised community that can attract and generate funding to invest in a focused, planned and coordinated set of sustainably high quality projects. That is a fundamentally different type of community with a different governance model, different funding model, different operating model, …”
✉️ Wrapping Up
Have questions, comments, or feedback? Just reply directly, I'd love to hear from you.
If you find this newsletter useful and know other people who would too, I'd really appreciate if you'd forward it to them 🙏
Thanks for reading!