Completed
Remediation Options • Why not use a better serialization strategy? "It's 2016, there are better options." -Luca Carettoni
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Automated Gadget Chain Discovery for Deserialization Vulnerability Remediation
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Deserialization Gadget Chains
- 3 What is a Deserialization Vulnerability? In object oriented languages (like Java), data is contained in classes and classes contain code.
- 4 Magic Methods? • readObject() and readResolve() are the main ones...
- 5 Magic Methods to Gadget Chains
- 6 Example Payload
- 7 Finding Vulnerabilities • Finding potential vulnerabilities is similar to finding many application security issues
- 8 Remediation Options • Why not use a better serialization strategy? "It's 2016, there are better options." -Luca Carettoni
- 9 Finding Exploits
- 10 Gadget Inspector • Operates on any given classpath, i.e. a particular library or an entire war • Reports discovered gadget chains as a sequence of method invocations • Performs some simplistic symbol…
- 11 How Does It Work?
- 12 Deserialization Library Flexibility
- 13 New Gadget Chains: Clojure org.clojure clojure 6th most popular maven dependency
- 14 New Gadget Chains: Scala
- 15 Results: Netflix Internal Webapp 1
- 16 Results: Netflix Internal Webapp 2
- 17 Final Thoughts • Automatic discovery for gadget chains is new territory
