Web Cache Deception Attack

preview_player
Показать описание
Web Cache Deception attack is a new web attack vector that puts various technologies and frameworks at risk. By manipulating behaviors of web servers and caching mechanisms, anonymous attackers can expose sensitive information of authenticated application users, and in certain cases to even take control over their accounts.

By Omer Gil

  1. Black Hat
  2. Black Hat
  3. Black Hat 2017
  4. Information Security
  5. Black Hat USA
  6. BHUSA
Рекомендации по теме
Web Cache Deception 0:23:02

Web Cache Deception Attack

Web Cache Deception 0:07:23

Web Cache Deception Attacks! | New From BlackHat 2024!

web cache deception 0:00:34

web cache deception attack (poc)

WEB CACHE DECEPTION 0:07:42

WEB CACHE DECEPTION FOR BEGINNERS!

Web Cache Deception 0:01:24

Web Cache Deception attack POC

Web Cache Deception 0:28:27

Web Cache Deception attack: A new web attack vector

Web Cache Deception 0:00:57

Web Cache Deception POC | Bug Bounty POC | Lazy Pentester

Web Cache Deception 0:00:49

Web Cache Deception Attack PoC on a private bug bounty program

Web Cache Deception 0:00:30

Web Cache Deception Attack in PayPal History Page

Portswigger: Exploiting path 0:02:51

Portswigger: Exploiting path mapping for web cache deception

Web Cache Deception 0:10:36

Web Cache Deception Attack

Web Cache Deception 0:00:38

Web Cache Deception Attack in PayPal Settings Page

$500 Bug Bounty 0:02:13

$500 Bug Bounty POC - Web Cache Deception

Attacks In Arabic 0:28:21

Attacks In Arabic - Web Cache Poisoning/Deception

Portswigger: exploiting path 0:03:33

Portswigger: exploiting path delimiters for web cache deception

Web Cache Deception 0:03:38

Web Cache Deception POC Bug Bounty

USENIX Security '20 0:11:22

USENIX Security '20 - Cached and Confused: Web Cache Deception in the Wild

Web Cache Poisoning 0:03:51

Web Cache Poisoning Explained : Web Security & Vulnerability

$10k+5k Web cache 0:07:33

$10k+5k Web cache poisoning - Github + Firefox - Bug Bounty Reports Explained

Exploiting path mapping 0:04:31

Exploiting path mapping for web cache deception | lab 1web cache deception #portswigger #viralvideo

web cache deception 0:00:34

web cache deception attack poc | web cache deception poc #viralvideo #portswigger #bugbounty

Black Hat USA 0:23:02

Black Hat USA 2017 Web Cache Deception Attack

USENIX Security '22 0:11:59

USENIX Security '22 - Web Cache Deception Escalates!

h@ckivitycon 2020: Cached 0:30:30

h@ckivitycon 2020: Cached and Confused: Web Cache Deception in the Wild

Комментарии
Автор

Nice talk

The moral is the same as Spectre: too much push on performance without caring about security

ysantamorena
Автор

Very clear explanation, respect to this guy!

MherZaqaryann
Автор

Some penetration tools used to perform automated assessments of vulnerable sites must be adding a lot of data to these caches. Particularly authenticated fuzzing or file/directory brute-force. Let's hope tool developers don't use known file names and locations, and customers always sanitise their test DB's. 8-(

derek
Автор

Using name Java wasn't good idea cause it's a litte bit confuse

mleczkoxdTakTenmleczko
Автор

Why are you guys putting it online 6 month later?

director
Автор

IMO you are not mentioning the only real solution: serve your cacheable and personalized/non-cacheable content on different domains. Use a very simple CDN configuration for the latter that does not cache anything, or no CDN at all if your origin can handle that. Otherwise you are only one mistake away from some major egg on your face. It is way too easy to make a configuration error in the CDN, or have the origin send the wrong headers by mistake.

BR-lxpy
Автор

Haha I did this to cheat on my ochem online homework when I forgot to do it and it was about to be due. Still got a B tho

jasonlind