Explore cutting-edge web cache exploitation techniques in this conference talk from Ekoparty Security Conference 2024. Dive deep into two powerful new techniques that leverage RFC ambiguities to bypass traditional web cache deception and poisoning attack limitations. Learn about Static Path Deception through real-world case studies demonstrating how to compromise application confidentiality in Nginx-Cloudflare and Apache-CloudFront environments. Discover Cache Key Confusion and its implementation to achieve arbitrary cache poisoning and denial of service in major platforms like Microsoft Azure Cloud and OpenAI. Watch a live demonstration combining Cache Key Confusion with open redirect vulnerabilities to execute cross-domain JavaScript code by manipulating static file responses. Master HTTP/0.9 request smuggling techniques for generating custom responses with arbitrary cache keys to gain complete control over vulnerable websites. Gain access to an open-source vulnerability detection tool and hands-on lab environment to practice advanced cache exploitation skills and develop a comprehensive methodology for identifying URL and HTTP discrepancies.
Gotta Cache Em All - Bending the Rules of Web Cache Exploitation
Ekoparty Security Conference via YouTube
Overview
Syllabus
Gotta Cache Em All: Bending the rules of web cache exploitation - Martin Doyhenard - Ekoparty 2024
Taught by
Ekoparty Security Conference