Completed
Intro
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Breaking Parser Logic - Take Your Path Normalization Off and Pop 0days Out
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Orange Tsai
- 3 Agenda
- 4 Polyglot URL path
- 5 Why path normalization
- 6 Can you spot the vulnerability?
- 7 Nginx off-by-slash fail
- 8 How to find this problem?
- 9 Spring Oday - CVE-2018-1271
- 10 Bonus on Spark framework
- 11 Rails Oday - CVE-2018-3760
- 12 For the RCE lover
- 13 URL path parameter
- 14 When reverse proxy meets...
- 15 How danger it could be?
- 16 Am I affected by this vuln?
- 17 Uber bounty case
- 18 Bynder RCE case study
- 19 Inconsistency to ACL bypass
- 20 Misconfiguration to auth bypass
- 21 Log injection to RCE
- 22 Amazon RCE case study
- 23 Path normalization bug leads to ACL bypass
- 24 Seam Feature
- 25 Code reuse bug leads to Expression Language injection
- 26 EL blacklist bypassed leads to Remote Code Execution
- 27 Chain all together
- 28 Mitigation
- 29 Summary
- 30 Reference