filmov
tv
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
Показать описание
We propose a new exploit technique that brings a whole-new attack surface to bypass SSRF (Server Side Request Forgery) protections. This is a very general attack approach, in which we used in combination with our own fuzzing tool to discover many 0days in built-in libraries of very widely-used programming languages, including Python, PHP, Perl, Ruby, Java, JavaScript, Wget and cURL.
By Orange Tsai
By Orange Tsai
0:47:17
0:47:18
0:44:52
![[CB17] A New](https://i.ytimg.com/vi/2MslLrPinm0/hqdefault.jpg)
0:49:42
0:47:17
0:50:23
![[HITCON CMT 2017]](https://i.ytimg.com/vi/01ixxn2dOrc/hqdefault.jpg)
0:51:03
0:47:04
0:00:38
0:51:03
0:50:23
0:49:42
0:05:24
0:37:02
0:30:38
0:00:59
0:46:53
0:03:31
0:28:37
0:15:47
0:00:40
0:34:14
0:12:47
0:18:38