APM Sharepoint authentication v2
Problem this snippet solves: This new version of the iRule supports NTLM auth (mandatory for OneDrive apps)
APM is a great authentication service but it does it only with forms.
The default behavior...
Published May 24, 2017
Version 1.0
Stanislas_Piro2
Cumulonimbus
Joined January 04, 2011
Kai_Wilke
Mar 20, 2019
MVP
Hi Stanislas,
you may want to double check your lines 211, 212 and 343. They allow an attacker to perform a TCL-injection attack by sending handcrafted HOST header values.
Remote Code Execution with TMM crash:
Host: www.[while { 1 } { set x 1 }].de
Disclosure of your AES Recovery Key:
Host: www.[b64encode [subst [b64decode JHN0YXRpYzo6c2Vzc2lvbl9yZXN0b3JlX2Flc19rZXk=]]].de
Cheers, Kai
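
The class of bug described in the comment above, as an added example that is not part of the original iRule or of either poster's code. The iRule's lines 211, 212 and 343 are not shown on this page, so this assumes the common cause: the Host value reaches a command that substitutes it a second time (`eval` here). The value in `host` is constructed and benign, the proc names are hypothetical, and in an iRule the value would come from `[HTTP::host]`.

```tcl
# Added example, plain Tcl (runs in tclsh); not the original iRule.
# Constructed input: a harmless bracketed command stands in for hostile data.
set host {www.[string length abc].de}

# Allow-list for a Host header: letters, digits, dots and hyphens, plus an
# optional :port. Anything containing [ ] $ \ { } ; or whitespace is rejected.
proc host_is_valid {host} {
    return [regexp {^[A-Za-z0-9]([A-Za-z0-9.-]{0,252}[A-Za-z0-9])?(:[0-9]{1,5})?$} $host]
}

# UNSAFE pattern (assumed): $host is substituted once while the string is
# built, then eval parses the result again, so the bracketed text is run as
# a Tcl command instead of being kept as data.
proc build_url_unsafe {host} {
    eval "set url https://$host/"
    return $url
}

# SAFE pattern: validate first, then substitute exactly once. The value is
# never handed to eval, subst, or an unbraced expr.
proc build_url_safe {host} {
    if {![host_is_valid $host]} {
        return -code error "invalid Host header"
    }
    return "https://$host/"
}

# Show the difference between the two code paths on the constructed input.
puts "unsafe result : [build_url_unsafe $host]"
puts "valid(host)   : [host_is_valid $host]"
puts "valid(normal) : [host_is_valid sp.example.com:443]"
if {[catch {build_url_safe $host} err]} {
    puts "safe path     : rejected ($err)"
}
```

In the unsafe path the bracketed part of the hostname is replaced by the command's result; the safe path rejects the same input before any string is built from it.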