No Hat 2024 - Francesco Minetti - A Methodology for Web Cache Deception Vulnerability discovery
Author: BITM Hacklab
Uploaded: 2024-10-25
Views: 584
A METHODOLOGY FOR WEB CACHE DECEPTION VULNERABILITY DISCOVERY
In recent years, the use of caching techniques in web applications has increased significantly, in line with their expanding user base. The logic of web caches is closely tied to the application logic, and misconfigurations can lead to security risks, including the unauthorized access of private information and session hijacking. In this study, we examine Web Cache Deception as a technique for attacking web applications. We develop a solution for discovering vulnerabilities that expands upon and encompasses prior research in the field. We conducted an experimental evaluation of the attack's efficacy against real-world targets, and present a new attack vector via web-client-based email services.
FRANCESCO MINETTI - Bug Hunter @PRIMATON
Ex-chemist, bug hunter and cyber security specialist. I have a degree in chemistry and another in computer security. I'm always in love with hacking and computer security. I hunt for bugs in web applications and Android applications. In my free time I push my skateboard and have fun with people I love.
Links
No Hat - Website: nohat.it
No Hat - X: @nohatcon
F. Minetti - Website: hackerone.com/f_m