@BlackHatOfficialYT
@BlackHatOfficialYT
Black Hat | New Techniques for Split-Second DNS Rebinding @BlackHatOfficialYT | Uploaded 6 months ago | Updated 13 hours ago
...In this talk, I will present two new techniques that can be used to achieve reliable, split-second DNS rebinding in Chrome, Edge, and Safari on hosts with IPv6 access, along with a method to bypass Chrome's restrictions on requests to the local network. I will also walk through a real-world attack against a web application resulting in AWS credentials to demonstrate how achievable rebinding attacks can be....

By: Daniel Thatcher

Full Abstract and Presentation Materials:
blackhat.com/eu-23/briefings/schedule/#new-techniques-for-split-second-dns-rebinding-35619
New Techniques for Split-Second DNS RebindingThe Key to Remote Vehicle Control: Autonomous Driving Domain ControllerOven Repair (The Hardware Hacking Way)Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK EvaluationsForward Focus: Perspectives on AI, Hype, and SecurityOperation PoisonedApple: Tracing Credit Card Information Theft to Payment FraudOne Flip is All It Takes: Identifying Syscall-Guard Variables for Data-Only AttacksLemons and Liability: Cyber Warranties as an Experiment in Software RegulationThe Fault in Our Metrics: Rethinking How We Measure Detection & ResponseEmerging Frontiers: Insights from the Black Hat Asia Review BoardLinkDoor: A Hidden Attack Surface in the Android Netlink Kernel Modulesnpm and Sigstore: Provenance Comes to the Worlds Largest OSS Ecosystem

New Techniques for Split-Second DNS Rebinding @BlackHatOfficialYT

SHARE TO X SHARE TO REDDIT SHARE TO FACEBOOK WALLPAPER