📢 Good news, good news
USENIX Security 2025
Our lab will present 10 papers at the conference!
🎉🎉🎉🎉🎉🎉🎉🎉🎉🎉
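📌 The USENIX Security Symposium is one of the four top conferences in systems security, alongside S&P, CCS, and NDSS
It is not only a CCF-A conference,
but also one of the academic stages that security researchers watch most closely each year
📍 This year's conference will be held from August 13 to 15, 2025
in Seattle, USA! 🌲☕🗽
🌟 Members of our lab will travel there as a group to share our research results!
👀 Want to know which of our papers were accepted?
Here is the full list 👇👇👇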
01
Careless Retention and Management: Understanding and Detecting Data Retention Denial-of-Service Vulnerabilities in Java Web Containers
Authors:
Keke Lian, Lei Zhang, and Haoran Zhao, Fudan University; Yinzhi Cao, Johns Hopkins University; Yongheng Liu, Fute Sun, Yuan Zhang, and Min Yang, Fudan University
Abstract:
Denial-of-Service (DoS) attacks have long been a major threat to the availability of the World Wide Web. While prior works have extensively studied network-layer DoS and certain types of application-layer DoS, such as Regular Expression DoS (ReDoS), little attention has been paid to memory exhaustion DoS, especially in Java Web containers. Our research target is a special type of memory exhaustion DoS vulnerabilities that retain user data in web containers, which is defined as Data Retention DoS (DRDoS) in this paper. To the best of our knowledge, there are no systematic academic studies of such DRDoS vulnerabilities of Java Web Containers except for a few manually found vulnerabilities in the Common Vulnerabilities and Exposures (CVE) database.
In this paper, we design and implement a novel static analysis approach, called DR. D, to detect and assess DRDoS vulnerabilities in Java web containers. Our key insight is to analyze the request handling process of web containers and detect whether client-controlled request data may be retained in the containers, thus leading to DRDoS vulnerabilities. We apply DR. D on four popular open-source Java web containers, discovering that all of them have DRDoS vulnerabilities. Specifically, DR. D finds 25 zero-day, exploitable vulnerabilities. We have responsibly reported all of them to corresponding developers and received confirmations. So far, we have received seventeen CVE identifiers (three of them assigned with high severity). Based on scan results from search engine, e.g., Shodan, we identify that over 1.5 million public IP addresses are hosting vulnerable versions of Java web containers potentially with DRDoS found by DR. D, demonstrating the spread of DRDoS
02
ChainFuzz: Exploiting Upstream Vulnerabilities in Open-Source Supply Chains
Authors:
Peng Deng, Lei Zhang, Yuchuan Meng, Zhemin Yang, Yuan Zhang, and Min Yang, Fudan University
Abstract:
Software supply chain attacks pose an increasingly severe threat to the security of downstream software worldwide. A common method to mitigate these risks is Software Composition Analysis (SCA), which helps developers identify vulnerable dependencies. However, studies show that popular SCA approaches often suffer from high false positive rates. As a result, developers spend significant time manually validating these alerts, which delays the detection and remediation of genuinely exploitable upstream vulnerabilities.
In this paper, we propose ChainFuzz, an automated approach for validating upstream vulnerabilities in downstream software by generating Proof-of-Concepts (PoCs). To achieve this, ChainFuzz addresses three key challenges. First, intra-layer code and constraints. Downstream software introduces custom code and sanity checks that significantly alter the triggering paths and conditions of upstream vulnerabilities. Second, inter-layer dependencies. Software supply chains often involve cross-layer control-flow and data-flow dependencies between conditional statements across different layers. Third, long supply chains. Transitive dependencies in long chains result in intricate exploitation paths, making it challenging to explore large code spaces and handle deeply nested constraints effectively.
We comprehensively evaluate ChainFuzz using our dataset, which comprises 66 unique vulnerability and supply chain combinations. Our results demonstrate its effectiveness and practicality in generating PoCs for both direct and transitive vulnerable dependencies. Additionally, we compare ChainFuzz with representative fuzzing tools: AFLGo, AFL++, and NestFuzz, highlighting its superior performance in downstream PoC generation.
03
Mirage in the Eyes: Hallucination Attack on Multi-modal Large Language Models with Only Attention Sink
Authors:
Yining Wang, Mi Zhang, Junjie Sun, Chenyue Wang, and Min Yang, Fudan University; Hui Xue, Jialing Tao, Ranjie Duan, and Jiexi Liu, Alibaba Group
Abstract:
Fusing visual understanding into language generation, Multi-modal Large Language Models (MLLMs) are revolutionizing visual-language applications. Yet, these models are often plagued by the hallucination problem, which involves generating inaccurate objects, attributes, and relationships that do not match the visual content. In this work, we delve into the internal attention mechanisms of MLLMs to reveal the underlying causes of hallucination, exposing the inherent vulnerabilities in the instruction-tuning process.
We propose a novel hallucination attack against MLLMs that exploits attention sink behaviors to trigger hallucinated content with minimal image-text relevance, posing a significant threat to critical downstream applications. Distinguished from previous adversarial methods that rely on fixed patterns, our approach generates dynamic, effective, and highly transferable visual adversarial inputs, without sacrificing the quality of model responses. Comprehensive experiments on 6 prominent MLLMs demonstrate the efficacy of our attack in compromising black-box MLLMs even with extensive mitigating mechanisms, as well as the promising results against cutting-edge commercial APIs, such as GPT-4o and Gemini 1.5.
04
Towards Automatic Detection and Exploitation of Java Web Application Vulnerabilities via Concolic Execution guided by Cross-thread Object Manipulation
Authors:
Xinyou Huang, Lei Zhang, Yongheng Liu, and Peng Deng, Fudan University; Yinzhi Cao, Johns Hopkins University; Yuan Zhang and Min Yang, Fudan University
Abstract:
Java Web applications are of great importance for information systems deployed across critical sections of our society as demonstrated in the severe impacts caused by notorious log4j vulnerability. One major challenge in detecting Java Web Application vulnerabilities is cross-thread dataflows, which are caused by shared Java objects and triggered by multiple web requests in the same session. To the best of our knowledge, none of the prior works can handle such cross-thread dataflows in Java Web applications.
In this paper, we design and implement the first framework, called JAEX, to automatically detect and exploit Java Web Application vulnerabilities via concolic execution guided by so-called Cross-thread Object Manipulation. Our key insight is that cross-thread dataflows can be triggered by manipulation of shared Java objects using different requests, thus guiding concolic execution to reach the sink and generate exploits. We also evaluate JAEX on popular Java applications, which discovers 35 zero-day vulnerabilities. We responsibly disclosed all the vulnerabilities to their vendors and received acknowledgments for all of them.
05
Demystifying the (In)Security of QR Code-based Login in Real-world Deployments
Authors:
Xin Zhang, Xiaohan Zhang, and Bo Zhao, Fudan University; Yuhong Nan, Sun Yat-sen University; Zhichen Liu, Jianzhou Chen, Huijun Zhou, and Min Yang, Fudan University
Abstract:
QR code-based Login (QRLogin) has emerged as a prevalent method for web account authentication, offering a more user-friendly alternative to traditional username and password entry. However, despite its growing popularity, the security of QRLogin has been overlooked. In particular, the lack of standardized QRLogin design and implementation guidelines, coupled with its wide deployment variability, raises significant concerns on the real-world deployments of QRLogin.
This paper presents the first systematic study on the security of QRLogin in real-world deployments. We begin our research with real-world studies to understand the deployment status of QRLogin and user perceptions of this novel authentication paradigm, which assists us in establishing a realistic threat model. We then proceed with a systematic security analysis by generalizing the typical workflow of QRLogin, examining how key variables adhere to common security principles, and ultimately exposing 6 potential flaws. We conduct security analysis on real-world QRLogin deployments with a semi-automatic detection pipeline, and reveal surprising results that 47 top websites (43% of tested) are vulnerable to at least one of the above flaws. These design and implementation flaws can lead to 5 types of attacks, including Authorization Hijacking, Double Login, Brute-force Login, Universal Account Takeover, and Privacy Abuse. We have responsibly reported all the identified issues and received 42 vulnerability IDs from official vulnerability repositories. We further provide an auditing tool and suggestions for developers and users, contributing a concerted step towards more secure implementations of QRLogin.
06
Effective Directed Fuzzing with Hierarchical Scheduling for Web Vulnerability Detection
Authors:
Zihan Lin, Yuan Zhang, Jiarun Dai, Xinyou Huang, Bocheng Xiang, Guangliang Yang, Letian Yuan, Lei Zhang, Fengyu Liu, Tian Chen, and Min Yang, Fudan University
Abstract:
Java web applications play a pivotal role in the modern digital landscape. Due to their widespread use and significant importance, Java web applications have been one prime target for cyber attacks. In this work, we propose a novel directed fuzzing approach, called WDFuzz, that can effectively vet the security of Java web applications. To achieve this, we address two main challenges: (1) efficiently exploring numerous web entries and parameters, and (2) generating structured and semantically constrained inputs. Our WDFuzz approach is two-fold. First, we develop a semantic constraint extraction technique to accurately capture the expected input structures and constraints of web parameters. Second, we implement a hierarchical scheduling strategy that evaluates the potential of each seed to trigger vulnerabilities and prioritizes the most promising seeds. In our evaluation against 15 real-world Java web applications, WDFuzz achieved a 92.6% recall rate in the known vulnerability dataset, finding 3.2 times more vulnerabilities and detecting them 7.1 times faster than the state-of-the-art web fuzzer. We also identified 92 previously unknown vulnerabilities, with 4 CVE IDs and 15 CNVD IDs assigned to date.
07
Make Agent Defeat Agent: Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents
Authors:
Fengyu Liu, Yuan Zhang, Jiaqi Luo, Jiarun Dai, Tian Chen, Letian Yuan, Zhengmin Yu, Youkun Shi, Ke Li, Chengyuan Zhou, Min Yang
Abstract:
Large Language Models (LLMs) have revolutionized software development, enabling the creation of AI-powered applications known as LLM-based agents. However, recent studies reveal that LLM-based agents are highly susceptible to taint-style vulnerabilities, which allow malicious prompts to exploit security-sensitive operations. These vulnerabilities pose severe threats to the security of agents, potentially allowing attackers to take over the entire agent remotely.
In this paper, we propose a novel directed greybox fuzzing approach, called AgentFuzz, the first fuzzing framework for detecting taint-style vulnerabilities in LLM-based agents. AgentFuzz consists of three key phases. First, AgentFuzz leverages the LLM to generate functionality-specific seed prompts in the form of natural language. Second, AgentFuzz utilizes a multifaceted feedback design to assess seed quality from both semantic and distance levels, prioritizing seeds with higher quality. Finally, AgentFuzz employs functionality and argument mutator to refine seeds and trigger vulnerabilities effectively. In our evaluation against 20 widely-used open-source agent applications, AgentFuzz identified 34 high-risk 0-day vulnerabilities, achieving 33 times higher precision than the state-of-the-art approach. These vulnerabilities encompass serious threats like code injection, impacting 14 open-source agents, with 7 of them having over 10,000 stars on GitHub. To date, 23 CVE IDs have been assigned.
08
XSSky: Detecting XSS Vulnerabilities through Local Path-Persistent Fuzzing
Authors:
Youkun Shi, Yuan Zhang, Tianhao Bai, Feng Xue, Jiarun Dai, Fengyu Liu, Lei Zhang, Xiapu Luo, Min Yang
Abstract:
The Cross-Site Scripting (XSS) vulnerability is one of the most prevalent security issues in PHP web applications. To detect XSS vulnerabilities, existing dynamic techniques are commonly hindered by insufficient code exploration capabilities and non-trivial execution environment setup. Comparably, static techniques offer more flexible detection of target code by identifying vulnerable source-sink paths. However, these paths would probably be guarded by custom sanitizers (i.e., implemented to filter malicious inputs). Without establishing reliable sanitizer modeling and analysis techniques, existing work can hardly achieve satisfactory effectiveness.
In light of this, we propose a static sanitizer-tolerant XSS detector, named XSSky. Our key insight is that concrete malicious inputs, which evade sanitizers and trigger XSS vulnerabilities, serve as strong proof of a vulnerability's existence. Based on this idea, XSSky attempts to deterministically curate malicious inputs for potentially vulnerable source-sink paths using a path-persistent fuzzing strategy. Specifically, XSSky first converts each given source-sink path into locally executable Programs Under Test (PUTs). Then it uses XSS-oriented exploit primitives and PHP interpreter feedback to generate malicious inputs to efficiently confirm the existence of vulnerabilities. Evaluation results show that XSSky successfully detected 60 previously unknown XSS vulnerabilities (including 31 caused by sanitizer evasion) across 20 popular PHP web applications. Compared with several existing state-of-the-art techniques, XSSky achieved a precision improvement of 11.48%~642.49% and a recall improvement of 87.51%~172.70%. Furthermore, XSSky identified 18 unique vulnerabilities that none of the baselines could detect.
09
Pig in a Poke: Automatically Detecting and Exploiting Link Following Vulnerabilities in Windows File Operations
Authors:
Bocheng Xiang, Yuan Zhang, Fengyu Liu, Hao Huang, Zihan Lin, Min Yang
Abstract:
Symbolic links are widely utilized in file operations on the Windows system to facilitate seamless interaction and enhance the overall user experience. However, developers' failure to properly validate symbolic links during the process of file operations has led to the Link Following Vulnerabilities (LFVulns), enabling attackers to manipulate system files arbitrarily.
In this paper, we conduct a comprehensive analysis of existing LFVulns and reproduce 42 of them for in-depth empirical research. Our findings uncover the root causes of LFVulns and identify key factors hindering their detection and exploitation. To bridge this gap, we developed LinkZard, a prototype for the automated detection and exploitation of LFVulns targeting Windows systems. LinkZard consists of two main phases. The exploration phase employs efficient file state fuzzing to better uncover potential vulnerabilities, while the exploitation phase locates sinks and utilizes code wrapping strategies to achieve automatic exploitation. We applied LinkZard to 120 commercial programs from vendors such as Microsoft, Apple, and Intel, successfully detecting and exploiting 55 zero-day vulnerabilities. We responsibly reported all identified vulnerabilities to the affected vendors. Up to now, 49 of them have been confirmed and patched, resulting in 15 CVE assignments and over $39,600 bounty rewards.
10
Beyond Exploit Scanning: A Functional Change-Driven Approach to Remote Software Version Identification
Authors:
Jinsong Chen, Mengying Wu, Geng Hong, Baichao An, Mingxuan Liu, Lei Zhang, Baojun Liu, Haixin Duan, Min Yang
Abstract:
Traditional attacks on remote software often fail to be armed with targeted software version information, leading to conspicuous brute-force attacks. Existing version identification tools, relying on predefined strings or patterns as fingerprints, can often not sketch software versions with defensive measures such as obfuscation or authentication.
This paper presents a covert and accurate version identification method based on noticeably different functional changes introduced by version updates. Our tool minimizes server noticeable probing behaviors by distilling domain knowledge from documents and change logs, and carefully designing dynamic probing sequences. We implemented and evaluated our prototype framework on Elasticsearch, Redis, Dubbo, Joomla, and phpMyAdmin, focusing on their versions from the past decade. Our tool achieved 2.8 times identification rates higher than previous works, with 65.37% fewer packages sent. Additionally, we conducted a large-scale scan of real-time data from Shodan and FOFA collected over two months, successfully identifying version information for 240,020 remote software instances, with 156,256 unrecognized by either platform. Our result reveals that over 72.25% users are still deploying versions released at least one year ago, facing significant vulnerability threats.
Copy and layout: 沈袭华, 张歆
Editor: 邬梦莹
Review: 张琬琪, 洪赓, 林楚乔
复旦白泽战队
A security team with ideals