DEF CON Forum Site Header Art

Announcement

Collapse
No announcement yet.

Initial Compromise through Web Side

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Initial Compromise through Web Side

    Initial compromise seems to be tied to client side, but, there are several attack vectors on Web side besides a simple RCE.
    During this talk I will show 3 cases of getting the initial compromise through vulnerabilities found in application servers and thin clients services going from breaking authentication process, escaping controls and how to solve some challenges during exploitation of what seems an easy peasy. Objectives of this talk are : show how important is to make a good OSINT, make a good dictionary, manage escape sequences in thin client services, how to modify already developed exploits for our current target and the benefit for blue teams to have applications security integrated with infrastructure/operations security.

    Speaker(s): Walter Cuestas

    Location: Red Team Vlg

    Discord: https://discord.com/channels/7082082...77357820411944

    Event starts: 2020-08-08 11:00 (11:00 AM) PDT (UTC -07:00)

    Event ends: 2020-08-08 12:00 (12:00 PM) PDT (UTC -07:00)

    For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-07-29T01:26 (UTC).
    Starts
    August 8, 2020 11:00
    Ends
    August 8, 2020 12:00
    Location
    Red Team Vlg
Working...
X