Practical Web Cache Poisoning: Redefining 'Unexploitable'

j2RrmNxJZ5c/default.jpg

Modern web applications are composed from a crude patchwork of caches and content delivery networks. In this session I'll show you how to compromise websites by using esoteric web features to turn their caches into exploit delivery systems, targeting everyone that makes the mistake of visiting their homepage.

By James Kettle

Full Abstract & Presentation Materials: https://www.blackhat.com/us-18/briefi...

j2RrmNxJZ5c/default.jpg
Practical Web Cache Poisoning: Redefining 'Unexploitable' Practical Web Cache Poisoning: Redefining 'Unexploitable' Reviewed by Dump3R H3id3gg3R on August 28, 2018 Rating: 5