Portable Data exFiltration XSS for PDFs - Gareth Heyes
Gareth Heyes presents his latest research - Portable Data exFiltration XSS for PDFs. This is the director's cut of the presentation that premiered at Black Hat Europe on December 10th, 2020. Read the full whitepaper: https://portswigger.net/research/portable-data-exfiltration
PDF documents and PDF generators are ubiquitous on the web, and so are injection vulnerabilities. Did you know that controlling a measly HTTP hyperlink can provide a foothold into the inner workings of a PDF? In this session, you will learn how to use a single link to compromise the contents of a PDF and exfiltrate it to a remote server, just like a blind XSS attack.
Resources:
https://insert-script.blogspot.com/2015/05/pdf-mess-with-web.html
https://speakerdeck.com/ange/lets-write-a-pdf-file
https://docs.google.com/presentation/d/1JdIjHHPsFSgLbaJcHmMkE904jmwPM4xdhEuwhy2ebvo/htmlpresent
Видео Portable Data exFiltration XSS for PDFs - Gareth Heyes канала PortSwigger
PDF documents and PDF generators are ubiquitous on the web, and so are injection vulnerabilities. Did you know that controlling a measly HTTP hyperlink can provide a foothold into the inner workings of a PDF? In this session, you will learn how to use a single link to compromise the contents of a PDF and exfiltrate it to a remote server, just like a blind XSS attack.
Resources:
https://insert-script.blogspot.com/2015/05/pdf-mess-with-web.html
https://speakerdeck.com/ange/lets-write-a-pdf-file
https://docs.google.com/presentation/d/1JdIjHHPsFSgLbaJcHmMkE904jmwPM4xdhEuwhy2ebvo/htmlpresent
Видео Portable Data exFiltration XSS for PDFs - Gareth Heyes канала PortSwigger
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Bypassing XSS filters by enumerating permitted tags and attributes using Burp SuiteEvaluating inputs with Burp SuiteBurp Suite Shorts | OrganizerMapping the visible attack surface with Burp SuiteConfiguring SAML SSO with Okta in Burp Suite Enterprise EditionTesting for reflected XSS manually with Burp SuiteTesting for stored XSS with Burp SuiteTesting for clickjacking using Burp SuiteTesting horizontal access controls using Burp SuiteWhen I'm Scanning Websites 🎵Integrating Burp Suite Enterprise Edition with SlackTesting for IDORs using Burp SuiteWorking with JWTs in Burp SuiteBurp Suite Shorts | Global Crawl Paths ViewIntro to Dastardly, free lightweight CI/CD DAST scanner from Burp SuiteDiscovering a race condition vulnerability in Gitlab with the single-packet attackMaintaining an authenticated session using Burp SuiteTesting for parameter-based access control using Burp SuiteBypassing client-side controls with Burp SuiteTesting for prototype pollution with DOM InvaderManipulating WebSocket messages with Burp Suite