Completed
Request reflection
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
HTTP Desync Attacks - Request Smuggling Reborn
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Outline
- 3 HTTP/1.1 keep-alive, desynchronized
- 4 Desynchronizing: the classic approach
- 5 Desynchronizing: the chunked approach
- 6 Desynchronizing: the TE.CL approach
- 7 Methodology
- 8 Detecting desync
- 9 Confirming desync
- 10 Bypassing rules
- 11 Bypassing rewrites
- 12 Request reflection
- 13 Exploring
- 14 Involuntary request storage
- 15 Harmful responses
- 16 Accidental Cache Poisoning
- 17 Chaining DOM Problems
- 18 Redirects with teeth
- 19 Web Cache Poisoning
- 20 PayPal Poisoning
- 21 Wrapped exploits
- 22 Aggressive detection
- 23 Source code review
- 24 Other sources
- 25 Defence
- 26 Case Study: Application Load Balancer BHEU EXCLUSIVE