24C3 - 1.01
24th Chaos Communication Congress
Volldampf voraus!
Referenten | |
---|---|
kuza55 |
Programm | |
---|---|
Tag | Tag 4 (2007-12-30) |
Raum | Saal 2 |
Beginn | 17:15 |
Dauer | 01:00 |
Info | |
ID | 2212 |
Veranstaltungstyp | lecture |
Track | Hacking |
Sprache | en |
Feedback | |
---|---|
Haben Sie diese Veranstaltung besucht? Feedback abgeben |
Unusual Web Bugs
A Web Hacker's Bag O' Tricks
While many issues in web apps have been documented, and are fairly well known, I would like to shine some light on mostly unknown issues, and present some new techniques for exploiting previously unexploitable bugs.
This lecture will not be an introduction to webappsec as many lectures are, so I will assume that everyone knows about common web vulnerabilities/exploits and why they are bad, and I will present a bunch of esoteric and previously unknown knowledge about how to exploit webapps, primarily those written in PHP, but some techniques are applicable to other languages, etc.