Explore the untapped potential of web race-condition attacks in this 38-minute Black Hat conference talk. Delve beyond traditional limit-overrun exploits and discover multiple new classes of race conditions. Learn how to exploit the delicate state machines lurking within websites by firing salvos of conflicting inputs, enabling the forging of trusted data, misrouting of tokens, and masking of backdoors. Witness demonstrations of these exploits across high-profile websites and a popular authentication framework. Presented by James Kettle, this talk challenges conventional understanding of web race conditions and reveals their true power in compromising web security.
Smashing the State Machine - The True Potential of Web Race Conditions
Overview
Syllabus
Smashing the State Machine: The True Potential of Web Race Conditions
Taught by
Black Hat
Related Courses
-
Smashing the State Machine - The True Potential of Web Race Conditions
-
Smashing the State Machine: Advanced Web Race Condition Attacks
-
A Race Against Time - How to Exploit Race Conditions in Web Apps
-
The Voight-Kampff Test for Discovering Web Application Vulnerabilities
-
Attacking Modern Web Technologies
