HTTP Desync Attacks: Smashing into the Cell Next Door

Дата: 15.01.2020. Автор: CISOCLUB. Категории: Подкасты и видео по информационной безопасности

HTTP requests are traditionally viewed as isolated, standalone entities. In this session, I’ll introduce techniques for remote, unauthenticated attackers to smash through this isolation and splice their requests into others, through which I was able to play puppeteer with the web infrastructure of numerous commercial and military systems, rain exploits on their visitors, and harvest over $50k in bug bounties.

By James Kettle

Full Abstract & Presentation Materials: https://www.blackhat.com/us-19/briefings/schedule/#http-desync-attacks-smashing-into-the-cell-next-door-15153

Об авторе CISOCLUB

Редакция CISOCLUB. Официальный аккаунт. CISOCLUB - информационный портал и профессиональное сообщество специалистов по информационной безопасности.
Читать все записи автора CISOCLUB

Добавить комментарий

Ваш адрес email не будет опубликован.