albinowax - HTTP Desync Attacks: Smashing into the Cell Next Door - DEF CON 27 Conference

53,045 views

DEFCONConference


Comments: 27
@sakettestsakettest8009 4 years ago
Massive respect to him...this guy is a genius.
@6544441 4 years ago
You can find the whitepaper, tool, and online labs at portswigger.net/research/http-desync-attacks-request-smuggling-reborn
@mo938 2 years ago
@xXRedTheDragonXx 3 years ago
This is legitimately one of the worst vulnerabilities ever discovered. Honestly, this should scare every developer, server host, backend developer, frontend developer, CDN developer, anyone whose software was exploited in the chain and every user on the internet. Being able to inject code to random users' page with nothing but a few post requests is absolutely terrifying, and being able to steal plain-text creds is horrifying.
@kof2002x 4 years ago
Honestly, I like the research of albinowax. "Respect"
@ChadChad1776 4 years ago
Scariest talk I've ever watched.
@BeggarsAreChoosers 4 years ago
As always, outstanding research material by James (albinowax). This is such a big material by itself, I don't know how to understand every bit of this attack. Just checked that his blog on this attack is around 26 pages long with lots of other pointers and links. It's almost kind of a book. I don't know if I will be able to understand fully, as only a Genius like him can make this type of material and only a Genius will understand it fully. This might take my entire life to go through all research materials that he alone contributes every year. His name will be in the history of Ethical Hacking.
@0x1h0b 4 years ago
Man.. I love how well he explains.. huge respect sir..
@CropCircleSystems 4 years ago
Great exploits. I could smell this vulnerability almost as long as I can remember and it's just insane how long, far and wide it's still applicable after being documented over a decade ago. I never could have done and put together all this research and implemented such effective exploits. Thorough exploration of the problem space. Thorough documentation of cause and effect. GREAT presentation. My favorite from DEFCON 27. I was on the edge of my seat the entire time. On another note, I've been pronouncing the letter H wrong my entire life. Thank you so much for this albinowax!
@UsamaAli-kr2cw 1 year ago
This is mind-blowing research done by James :)
@jpphoton 23 days ago
the vast domain space of http and a brilliant mind laying it down like Shakespeare extremely insightful thank you
@sveneFX 1 year ago
Thx so much for sharing, this is insane - well done!
@nikivc 4 years ago
Super awesome, what a good talk!
@KristyLeeDeTert-qr3yb 1 month ago
😊❤
@JuanBotes 2 years ago
Thanks for sharing your knowledge \o/
@KeithMakank3 1 year ago
Missed opportunity to call this a: Joiny Cache vulnerability
@DaveKupratis 4 years ago
Very well done!
@FantubeChannel 4 years ago
Awesome!
@steiner254 2 years ago
This is awesome!
@siddharthchhetry4218 3 years ago
Godly guy.
@gddaredevil 1 year ago
*_great_*
@iamkid4357 4 years ago
awesome
@5uSWEq7t 4 years ago
wizard class hacker
@alphawolf4446 4 years ago
0 dislikes - that's my boy standard : )
@amithc9429 4 years ago
😍😍😍
@TheIndiaView 3 years ago
fucking awesome
@RyanLynch1 4 years ago
wow I want to be that smart one day lol... then maybe I can get PayPal to give me 40k too haha