DEF CON Forum Site Header Art


No announcement yet.

Initial Compromise through Web Side

  • Filter
  • Time
  • Show
Clear All
new posts

  • Initial Compromise through Web Side

    Initial compromise seems to be tied to client side, but, there are several attack vectors on Web side besides a simple RCE.
    During this talk I will show 3 cases of getting the initial compromise through vulnerabilities found in application servers and thin clients services going from breaking authentication process, escaping controls and how to solve some challenges during exploitation of what seems an easy peasy. Objectives of this talk are : show how important is to make a good OSINT, make a good dictionary, manage escape sequences in thin client services, how to modify already developed exploits for our current target and the benefit for blue teams to have applications security integrated with infrastructure/operations security.

    Speaker(s): Walter Cuestas

    Location: Red Team Vlg


    Event starts: 2020-08-08 11:00 (11:00 AM) PDT (UTC -07:00)

    Event ends: 2020-08-08 12:00 (12:00 PM) PDT (UTC -07:00)

    For the most up-to-date information, please either visit, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-07-29T01:26 (UTC).
    August 8, 2020 11:00
    August 8, 2020 12:00
    Red Team Vlg