Skip to content

Latest commit

 

History

History
66 lines (49 loc) · 3.87 KB

attack-tree.md

File metadata and controls

66 lines (49 loc) · 3.87 KB

Attack Tree Analysis for hyperium/hyper

Objective: To cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE) on a server application utilizing the Hyper library.

Attack Tree Visualization

Compromise Application using Hyper
        |
        Denial of Service (DoS) [HIGH-RISK]
        |
-------------------------------------------------
|                       |                       |
Resource Exhaustion    Header/Request        Connection
        |               Manipulation          Handling {CRITICAL}
        |
------------
|    |     |
Slow Slow  Slow
loris Body  Read
[HIGH-RISK]
{CRITICAL}

Attack Tree Path: Denial of Service (DoS) [HIGH-RISK]

This is the primary high-risk area due to the relative ease of execution and potential for significant impact.

Attack Tree Path: 1.1 Resource Exhaustion

Attack Tree Path: 1.1.1 Slowloris [HIGH-RISK] {CRITICAL}

  • Description: The attacker establishes multiple connections to the server but sends only partial HTTP requests. Hyper, waiting for the complete request, keeps these connections open. By maintaining many such incomplete connections, the attacker exhausts the server's connection pool, preventing legitimate clients from connecting. This is a classic and effective DoS attack.
  • Likelihood: Medium
  • Impact: Medium (Service degradation or unavailability)
  • Effort: Low
  • Skill Level: Beginner
  • Detection Difficulty: Medium (Requires monitoring of connection states and timeouts)

Attack Tree Path: 1.1.2 Slow Body Read

  • Description: The attacker sends a complete HTTP request, including headers, but sends the request body very slowly. For example, the attacker might send one byte every few seconds. Hyper, waiting for the entire body, keeps the connection open and consumes resources. This is similar in principle to Slowloris but targets a different part of the request.
  • Likelihood: Medium
  • Impact: Medium (Service degradation or unavailability)
  • Effort: Low
  • Skill Level: Beginner
  • Detection Difficulty: Medium

Attack Tree Path: 1.1.3 Slow Read

  • Description: The attacker sends request and then reads response very slowly. For example, the attacker might read one byte every few seconds. Hyper, waiting until client reads all data, keeps the connection open and consumes resources.
  • Likelihood: Medium
  • Impact: Medium (Service degradation or unavailability)
  • Effort: Low
  • Skill Level: Beginner
  • Detection Difficulty: Medium

Attack Tree Path: 1.3 Connection Handling {CRITICAL}

This entire category is marked as critical because proper connection management is fundamental to preventing many DoS attacks. Vulnerabilities or misconfigurations here can have wide-ranging consequences. While specific sub-attacks (like Keep-Alive floods) exist, the underlying issue is how Hyper manages connections, timeouts, and resource allocation related to those connections. This includes:

  • Inadequate Timeouts: If Hyper's timeouts for various connection states (idle, reading, writing) are too generous, attackers can exploit them with slow-attack techniques.
  • Resource Limits: Hyper needs appropriate limits on the number of concurrent connections, the amount of memory used per connection, and other resources. If these limits are too high (or non-existent), an attacker can easily exhaust them.
  • Error Handling: Bugs in how Hyper handles connection errors (network interruptions, malformed requests) could lead to resource leaks or other vulnerabilities.