Exploiting SSTI in Thymeleaf
One of the most comfortable ways to build web pages is by using server-side templates. Such templates let you create HTML pages that include special elements that you can fill and modify dynamically. They are easy to understand for designers and easy to maintain for... Read more The post Exploiting ... Read More
Bypassing SOP Using the Browser Cache
Misconfigured caching can lead to various vulnerabilities. For example, attackers may use badly-configured intermediate servers (reverse proxies, load balancers, or cache proxies) to gain access to sensitive data. Another way to exploit caching is through... Read More → The post Bypassing SOP Using the Browser Cache appeared first on Acunetix ... Read More
A Fresh Look On Reverse Proxy Related Attacks
In recent years, several researches have been published about attacks deliberately or directly related to reverse proxies. While implementing various reverse-proxy checks on the scanner, I started analyzing implementations of reverse proxies. Initially, I wanted to analyze how both reverse proxies and web servers parse requests, find out inconsistencies in ... Read More
Better Web-Pentesting in Windows with AHK
Recently, I have moved to Malta. It’s quite hot here, but as I’m from colder country, I like it very much. Actually, I’m obsessed with everything hot, including hotkeys! Every pentester / researcher / bugbounter / etc has their own approach to doing things in their own work environment. So ... Read More
Deserialization Vulnerabilities: Attacking Deserialization in JS
At ZeroNights 2017 conference, I spoke about “Deserialization vulnerabilities in various languages”. For my presentation, I used an interesting article about two serialization packages of Node.js. I showed them as examples of vulnerable implementations of deserialization processes. In this post, I’d like to show results of my own research and ... Read More
