Jump to content
Nytro

Web Cache Deception Attack

By Nytro, in Securitate web

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

Wednesday, July 26, 2017

Web Cache Deception Attack: White Paper

 
The Web Cache Deception attack vector was first published in this blog on February 2017. Since then, I presented it on Black Hat USA 2017 and BSides Tel-Aviv 2017.
 
Now, I'm proud to release a white paper explaining all about this attack, including:
- Attack methodology
- Implications
- Conditions
- Known web frameworks and caching mechanisms that meet the attack conditions
- Mitigations
 
 
In addition, you can find the presentation used in the Black Hat USA 2017 conference.
 
Huge thanks to all those who assisted along the way:
Sagi Cohen, Bill Ben Haim, Sophie Lewin, Or Kliger, Gil Biton, Yakir Mordehay, Hagar Livne
 
Would love to receive your feedback here and on Twitter (@omer_gil).
 
Enjoy!
 
 
Posted by Omer Gil at 1:19:00 PM

 

Sursa: https://omergil.blogspot.ro/2017/07/web-cache-deception-attack-white-paper.html

  • Upvote 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...