All Categories Reports & Results Out of Band vulnerability detection on Beagle Security

Out of Band vulnerability detection on Beagle Security

By Deepraj R
January 19, 2023

What is an Out-of-Band (OOB) vulnerability?

Out-of-Band vulnerabilities are vulnerabilities that cannot be found in a traditional penetration testing methodology (HTTP request-response). Mostly found in web applications, APIs, and backend programs, this vulnerability has a distinct working process.

How does a hacker exploit an Out-of-Band vulnerability?

  1. A payload is crafted to send a specific request to the bad actor’s machine. 

  2. It is then uploaded to the target service/application.

What makes OOB vulnerability distinct from all other vulnerabilities is that often the vulnerable service/application is required to generate an outbound TCP/UDP/ICMP request (HTTP request-response is behind other vulnerabilities) which allows the attacker to exploit the vulnerable service.

Also, OOB vulnerability remains intact till the vulnerable service is triggered by the user or another service, and it may happen either immediately or after certain days. It can even happen when another service is triggered, present within the application itself, or even from a completely different web application.

  1. Once the vulnerability is triggered when interaction happens in the vulnerable service/application, the TCP/UDP/ICMP request is sent to the attacker machine with which the hacker can then execute arbitrary codes in accordance with the vulnerability present in it.

Commonly found Out-of-Band vulnerabilities:

  • Server-Side Request Forgery (SSRF)

  • Out of Band XML External Entity injection (XXE)

  • Out of Band SQL injection (OOB SQLi)

  • Out of Band Remote Code Execution (OOB RCE)

  • Email header injection 

  • Host header attack 

  • Blind XSS (delayed XSS)

How does Beagle Security detect Out-of-Band (OOB) vulnerabilities?

  1. Along with the automated penetration test conducted on your web application or API, a specially crafted payload (indeed, it’s safe 😉) is included in your service/application. 

  1. If any of the services/applications are OOB vulnerable, when an interaction happens in the service, a request is sent to Beagle Security.  

  1. It is then notified to you through both email and in the latest test report you conducted on the web application/API in which the vulnerability is found. 

Role of ‘Mark as fixed’ button in the report

If you have already fixed the found OOB vulnerability, you may click on the ‘mark as fixed’ button on your Beagle Security results dashboard.

To mark an entire found vulnerability as fixed, follow these steps:

  1. Go to the Beagle Security application results dashboard.

  2. Click on the 'Show Result' button.

  3. Click on the 'Mark as Fixed' button.

OOB_mark_as_fixed_vulnerability.png

To mark a single occurrence of the vulnerability found, follow these steps:

  1. Go to the Beagle Security application results dashboard.

  2. Click on the 'Show Result' button.

  3. Click on the 'Mark as Fixed' button under the Occurrences sub-heading as shown below.

    OOB_mark_as_fixed_occurence.png

Was this article helpful?