Breaking Parser Logic: Take Your Path Normalization off and Pop 0days Out!

Дата: 15.01.2020. Автор: CISO CLUB. Категории: Подкасты и видео по информационной безопасности

We propose a new exploit technique that brings a whole-new attack surface to defeat path normalization, which is complicated in implementation due to many implicit properties and edge cases. This complication, being under-estimated or ignored by developers for a long time, has made our proposed attack vector possible, lethal, and general.

By Orange Tsai

Full Abstract and Presentation Materials: https://www.blackhat.com/us-18/briefings/schedule/#breaking-parser-logic-take-your-path-normalization-off-and-pop-0days-out-10346

CISO CLUB

Об авторе CISO CLUB

Редакция портала cisoclub.ru. Добавляйте ваш материал на сайт в разделе "Разместить публикацию".
Читать все записи автора CISO CLUB

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *