Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling

Поделиться
HTML-код
  • Опубликовано: 26 дек 2024
  • ...In this session, I'll show you how to turn your victim's web browser into a desync delivery platform, shifting the request smuggling frontier by exposing single-server websites and internal networks. You'll learn how to combine cross-domain requests with server flaws to poison browser connection pools, install backdoors, and release desync worms....
    By: James Kettle
    Full Abstract & Presentation Materials: www.blackhat.c...

Комментарии •

Следующие
Автовоспроизведение
HTTP Desync Attacks: Request Smuggling Reborn47:36HTTP Desync Attacks: Request Smuggling Reborn
HTTP Desync Attacks: Request Smuggling RebornBlack Hat
Просмотров 30 тыс.
albinowax - HTTP Desync Attacks: Smashing into the Cell Next Door - DEF CON 27 Conference41:32albinowax - HTTP Desync Attacks: Smashing into the Cell Next Door - DEF CON 27 Conference
albinowax - HTTP Desync Attacks: Smashing into the Cell Next Door - DEF CON 27 ConferenceDEFCONConference
Просмотров 55 тыс.
Making a Simple Multiplayer Game!1:49:26Making a Simple Multiplayer Game!
Making a Simple Multiplayer Game!Code Monkey
Просмотров 7 тыс.
Drone sightings force New York airport to shut down temporarily02:18Drone sightings force New York airport to shut down temporarily
Drone sightings force New York airport to shut down temporarilyCBS New York
Просмотров 1,2 млн
The Breakfast Club Reacts To Jay-Z’s Attorney Saying Him & Diddy Aren’t Friends + More13:45The Breakfast Club Reacts To Jay-Z’s Attorney Saying Him & Diddy Aren’t Friends + More
The Breakfast Club Reacts To Jay-Z’s Attorney Saying Him & Diddy Aren’t Friends + MoreBreakfast Club Power 105.1 FM
Просмотров 704 тыс.
The White Lotus Season 3 | Official Teaser | Max01:34The White Lotus Season 3 | Official Teaser | Max
The White Lotus Season 3 | Official Teaser | MaxMax
Просмотров 1,3 млн
Gas Fruit Is The MOST OVERPOWERED Fruit.. (Blox Fruits)10:37Gas Fruit Is The MOST OVERPOWERED Fruit.. (Blox Fruits)
Gas Fruit Is The MOST OVERPOWERED Fruit.. (Blox Fruits)FoltynPlays
Просмотров 871 тыс.
Lab: Client-Side Desync17:55Lab: Client-Side Desync
Lab: Client-Side DesyncJarno Timmermans
Просмотров 5 тыс.
HTTP/2: The Sequel is Always Worse35:15HTTP/2: The Sequel is Always Worse
HTTP/2: The Sequel is Always WorseBlack Hat
Просмотров 6 тыс.
Phishing 2.0 - Detecting Evilginx, EvilnoVNC, Muraena and Modlishka46:05Phishing 2.0 - Detecting Evilginx, EvilnoVNC, Muraena and Modlishka
Phishing 2.0 - Detecting Evilginx, EvilnoVNC, Muraena and ModlishkaPush Security
Просмотров 4,7 тыс.
Android Universal Root: Exploiting Mobile GPU / Command Queue Drivers31:54Android Universal Root: Exploiting Mobile GPU / Command Queue Drivers
Android Universal Root: Exploiting Mobile GPU / Command Queue DriversBlack Hat
Просмотров 4,8 тыс.
HTTP Request Smuggling Attack Explained // Untangling the HTTP Desync Attack19:06HTTP Request Smuggling Attack Explained // Untangling the HTTP Desync Attack
HTTP Request Smuggling Attack Explained // Untangling the HTTP Desync Attacksecurityguideme
Просмотров 15 тыс.
Browser security and HTTP Headers : Attacks and protections in action ! by Mathieu Humbert48:05Browser security and HTTP Headers : Attacks and protections in action ! by Mathieu Humbert
Browser security and HTTP Headers : Attacks and protections in action ! by Mathieu HumbertDevoxx
Просмотров 1,2 тыс.
HTTP Request Smuggling - False Positives16:40HTTP Request Smuggling - False Positives
HTTP Request Smuggling - False PositivesPinkDraconian
Просмотров 13 тыс.
Hacking Out of a Network - Computerphile25:52Hacking Out of a Network - Computerphile
Hacking Out of a Network - ComputerphileComputerphile
Просмотров 242 тыс.
Practical Attacks Using HTTP Request Smuggling by @defparam #NahamCon202044:41Practical Attacks Using HTTP Request Smuggling by @defparam #NahamCon2020
Practical Attacks Using HTTP Request Smuggling by @defparam #NahamCon2020NahamSec
Просмотров 42 тыс.
Smart Sigma Kid #funny #sigma00:24Smart Sigma Kid #funny #sigma
Smart Sigma Kid #funny #sigmaCRAZY GREAPA
Просмотров 2,7 млн
SON DƏQİQƏ: AZAL-ın təyyarəsi Rusiyanın “Pantsir-S” HHM-nin hücumuna məruz qalıb06:51SON DƏQİQƏ: AZAL-ın təyyarəsi Rusiyanın “Pantsir-S” HHM-nin hücumuna məruz qalıb
SON DƏQİQƏ: AZAL-ın təyyarəsi Rusiyanın “Pantsir-S” HHM-nin hücumuna məruz qalıbREAL TV
Просмотров 101 тыс.
Make iced coffee from leftovers that everyone has at home00:53Make iced coffee from leftovers that everyone has at home
Make iced coffee from leftovers that everyone has at homeYounes Zarou
Просмотров 7 млн
Bang Chan "Railway" | [Stray Kids : SKZ-PLAYER]03:18Bang Chan "Railway" | [Stray Kids : SKZ-PLAYER]
Bang Chan "Railway" | [Stray Kids : SKZ-PLAYER]Stray Kids
Просмотров 1 млн
Ни одна Алиса не пострадала00:59Ни одна Алиса не пострадала
Ни одна Алиса не пострадалаCadrol&Fatich
Просмотров 609 тыс.
ТВОЙ СОСЕД ЗАНИМАЕТ ДЕНЬГИ😂#shorts01:00ТВОЙ СОСЕД ЗАНИМАЕТ ДЕНЬГИ😂#shorts
ТВОЙ СОСЕД ЗАНИМАЕТ ДЕНЬГИ😂#shortsBATEK_OFFICIAL
Просмотров 1,3 млн
ДИКИЙ ДИРЕКТОР ОТРАБАТЫВАЕТ БОЕВЫЕ ИСКУССТВА НА ПОКУПАТЕЛЯХ / ВЫШВЫРНУЛ ИЗ МАГАЗИНА, НО... 1 ЧАСТЬ24:17ДИКИЙ ДИРЕКТОР ОТРАБАТЫВАЕТ БОЕВЫЕ ИСКУССТВА НА ПОКУПАТЕЛЯХ / ВЫШВЫРНУЛ ИЗ МАГАЗИНА, НО... 1 ЧАСТЬ
ДИКИЙ ДИРЕКТОР ОТРАБАТЫВАЕТ БОЕВЫЕ ИСКУССТВА НА ПОКУПАТЕЛЯХ / ВЫШВЫРНУЛ ИЗ МАГАЗИНА, НО... 1 ЧАСТЬARTEM WOLF
Просмотров 697 тыс.
Remember your training 🥋00:25Remember your training 🥋
Remember your training 🥋Anwar Jibawi
Просмотров 6 млн