Friday the 13th: JSON Attacks

oUAeWhW5b8c/default.jpg

2016 was the year of Java deserialization apocalypse. Although Java Deserialization attacks were known for years, the publication of the Apache Commons Collection Remote Code Execution (RCE from now on) gadget finally brought this forgotten vulnerability to the spotlight and motivated the community to start finding and fixing these issues.

by Alvaro Muñoz & Oleksandr Mirosh

Full Abstract & Presentation Materials: https://www.blackhat.com/us-17/briefi...

oUAeWhW5b8c/default.jpg
Friday the 13th: JSON Attacks Friday the 13th: JSON Attacks Reviewed by Dump3R H3id3gg3R on 11:37 AM Rating: 5

Disqus for gamers-youtube