Reconsidering Self-XSS And Exploring Novel Attacks With Cookie Tossing - Thomas Houhou
Author: DEFCON Switzerland
Uploaded: 2024-07-04
Views: 1888
Thomas Houhou
Cookie tossing is a web attack that consists of injecting cookies from a vulnerable or malicious subdomain in order to poison other websites under the same parent domain. As part of a coordinated vulnerability disclosure with the Swisscom Bug Bounty program and Project Jupyter, this talk will describe how such a technique can systematically turn Self-XSS into a high-impact bug and then explore how it also results in novel web attacks. Ultimately, the aim is to draw attention to the strong capabilities of cookie tossing and the many creative attack vectors it enables.