Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Prototype Pollution Leads to RCE - Gadgets Everywhere

Black Hat via YouTube

Overview

Explore the critical security implications of Prototype Pollution vulnerabilities in JavaScript applications through this 40-minute Black Hat conference talk. Delve into how these vulnerabilities can be exploited beyond simple denial of service attacks, potentially leading to remote code execution. Discover the prevalence of exploitable gadgets in Node.js core code and popular NPM packages that can be triggered by Prototype Pollution. Learn about the research conducted by Mikhail Shcherbakov, analyzing Node.js source code for these dangerous gadgets and understanding the increased risk of exploitation in various applications. Gain valuable insights into this often underestimated security threat and its potential for severe consequences in JavaScript ecosystems.

Syllabus

Prototype Pollution Leads to RCE: Gadgets Everywhere

Taught by

Black Hat

Reviews

Start your review of Prototype Pollution Leads to RCE - Gadgets Everywhere

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.