Portable Data exFiltration XSS for PDFs - Gareth Heyes
Gareth Heyes presents his latest research - Portable Data exFiltration XSS for PDFs. This is the director's cut of the presentation that premiered at Black Hat Europe on December 10th, 2020. Read the full whitepaper: https://portswigger.net/research/portable-data-exfiltration
PDF documents and PDF generators are ubiquitous on the web, and so are injection vulnerabilities. Did you know that controlling a measly HTTP hyperlink can provide a foothold into the inner workings of a PDF? In this session, you will learn how to use a single link to compromise the contents of a PDF and exfiltrate it to a remote server, just like a blind XSS attack.
Resources:
https://insert-script.blogspot.com/2015/05/pdf-mess-with-web.html
https://speakerdeck.com/ange/lets-write-a-pdf-file
https://docs.google.com/presentation/d/1JdIjHHPsFSgLbaJcHmMkE904jmwPM4xdhEuwhy2ebvo/htmlpresent
Видео Portable Data exFiltration XSS for PDFs - Gareth Heyes канала PortSwigger
PDF documents and PDF generators are ubiquitous on the web, and so are injection vulnerabilities. Did you know that controlling a measly HTTP hyperlink can provide a foothold into the inner workings of a PDF? In this session, you will learn how to use a single link to compromise the contents of a PDF and exfiltrate it to a remote server, just like a blind XSS attack.
Resources:
https://insert-script.blogspot.com/2015/05/pdf-mess-with-web.html
https://speakerdeck.com/ange/lets-write-a-pdf-file
https://docs.google.com/presentation/d/1JdIjHHPsFSgLbaJcHmMkE904jmwPM4xdhEuwhy2ebvo/htmlpresent
Видео Portable Data exFiltration XSS for PDFs - Gareth Heyes канала PortSwigger
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Bypassing XSS filters by enumerating permitted tags and attributes using Burp Suite
Evaluating inputs with Burp Suite
Burp Suite Shorts | Organizer
Mapping the visible attack surface with Burp Suite
Configuring SAML SSO with Okta in Burp Suite Enterprise Edition
Testing for reflected XSS manually with Burp Suite
Testing for stored XSS with Burp Suite
Testing for clickjacking using Burp Suite
Testing horizontal access controls using Burp Suite
When I'm Scanning Websites 🎵
Integrating Burp Suite Enterprise Edition with Slack
Testing for IDORs using Burp Suite
Working with JWTs in Burp Suite
Burp Suite Shorts | Global Crawl Paths View
Intro to Dastardly, free lightweight CI/CD DAST scanner from Burp Suite
Discovering a race condition vulnerability in Gitlab with the single-packet attack
Maintaining an authenticated session using Burp Suite
Testing for parameter-based access control using Burp Suite
Bypassing client-side controls with Burp Suite
Testing for prototype pollution with DOM Invader
Manipulating WebSocket messages with Burp Suite