Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling

HTTP Desync Attacks: Request Smuggling Reborn

DEF CON 30 - James Kettle - Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling

大家都拉出了什么#小丑 #shorts

Я уговариваю своего друга выпить Лава Лава

The Joker wanted to stand at the front, but unexpectedly was beaten up by Officer Rabbit

Will A Guitar Boat Hold My Weight?

Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling

Рет қаралды 3,854

Black Hat

Жыл бұрын

...In this session, I'll show you how to turn your victim's web browser into a desync delivery platform, shifting the request smuggling frontier by exposing single-server websites and internal networks. You'll learn how to combine cross-domain requests with server flaws to poison browser connection pools, install backdoors, and release desync worms....
By: James Kettle
Full Abstract & Presentation Materials: www.blackhat.c...

Пікірлер

HTTP Desync Attacks: Request Smuggling Reborn

47:36

HTTP Desync Attacks: Request Smuggling Reborn

Black Hat

Рет қаралды 30 М.

DEF CON 30 - James Kettle - Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling

42:14

DEF CON 30 - James Kettle - Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling

DEFCONConference

Рет қаралды 14 М.

大家都拉出了什么#小丑 #shorts

00:35

大家都拉出了什么#小丑 #shorts

好人小丑

Рет қаралды 98 МЛН

Я уговариваю своего друга выпить Лава Лава

00:57

Я уговариваю своего друга выпить Лава Лава

Аришнев

Рет қаралды 7 МЛН

The Joker wanted to stand at the front, but unexpectedly was beaten up by Officer Rabbit

00:12

The Joker wanted to stand at the front, but unexpectedly was beaten up by Officer Rabbit

Funny superhero siblings

Рет қаралды 42 МЛН

Will A Guitar Boat Hold My Weight?

00:20

Will A Guitar Boat Hold My Weight?

MrBeast

Рет қаралды 216 МЛН

HTTP Request Smuggling Attack Explained // Untangling the HTTP Desync Attack

19:06

HTTP Request Smuggling Attack Explained // Untangling the HTTP Desync Attack

securityguideme

Рет қаралды 14 М.

Practical HTTP Header Smuggling: Sneaking Past Reverse Proxies to Attack AWS and Beyond

26:49

Practical HTTP Header Smuggling: Sneaking Past Reverse Proxies to Attack AWS and Beyond

Black Hat

Рет қаралды 3,8 М.

HTTP/2: The Sequel is Always Worse

35:15

HTTP/2: The Sequel is Always Worse

Black Hat

Рет қаралды 6 М.

Phishing 2.0 - Detecting Evilginx, EvilnoVNC, Muraena and Modlishka

46:05

Phishing 2.0 - Detecting Evilginx, EvilnoVNC, Muraena and Modlishka

Push Security

Рет қаралды 2,3 М.

albinowax - HTTP Desync Attacks: Smashing into the Cell Next Door - DEF CON 27 Conference

41:32

albinowax - HTTP Desync Attacks: Smashing into the Cell Next Door - DEF CON 27 Conference

DEFCONConference

Рет қаралды 53 М.

HTTP Request Smuggling - False Positives

16:40

HTTP Request Smuggling - False Positives

PinkDraconian

Рет қаралды 13 М.

Lab: Exploiting HTTP request smuggling to capture other users' requests

13:05

Lab: Exploiting HTTP request smuggling to capture other users' requests

Jarno Timmermans

Рет қаралды 2,6 М.

Browser security and HTTP Headers : Attacks and protections in action ! by Mathieu Humbert

48:05

Browser security and HTTP Headers : Attacks and protections in action ! by Mathieu Humbert

Devoxx

Рет қаралды 1,1 М.

Cracking Enigma in 2021 - Computerphile

21:20

Cracking Enigma in 2021 - Computerphile

Computerphile

Рет қаралды 2,5 МЛН

Request smuggling - do more than running tools! HTTP Request smuggling bug bounty case study

24:20

Request smuggling - do more than running tools! HTTP Request smuggling bug bounty case study

Bug Bounty Reports Explained

Рет қаралды 8 М.

大家都拉出了什么#小丑 #shorts

00:35

大家都拉出了什么#小丑 #shorts

好人小丑

Рет қаралды 98 МЛН