Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Weaponizing Plain Text - ANSI Escape Sequences as a Forensic Nightmare

Ekoparty Security Conference via YouTube

Overview

Explore the dark side of log manipulation in this 49-minute conference talk from Ekoparty 2023. Dive into the world of ANSI escape sequences and their potential for injecting, vandalizing, and weaponizing plaintext logfiles in modern applications. Revisit a dormant vulnerability class, examining old terminal injection research and log tampering techniques from the 80s and 90s, while combining them with new features to create chaos in cloud CLIs, mobile devices, and DevOps terminal emulators. Learn about the consequences of malicious escape sequences in logfiles and discover preventive measures to ensure log data integrity. Join hacker and creative STÖK on this colorful ANSI adventure to understand the importance of trustworthy log data and how to avoid a potential forensic nightmare in application security.

Syllabus

Weaponizing Plain Text: ANSI Escape Sequences as a Forensic Nightmare -STOK - Ekoparty 2023

Taught by

Ekoparty Security Conference

Reviews

Start your review of Weaponizing Plain Text - ANSI Escape Sequences as a Forensic Nightmare

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.