[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Server Side Request Forgery attacks on web-applications

To: "full-disclosure@xxxxxxxxxxxxxxxxx" <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] Server Side Request Forgery attacks on web-applications
From: Vladimir Vorontsov <vladimir.vorontsov@xxxxxxxx>
Date: Thu, 29 Nov 2012 01:37:36 +0400

Hello world!

Would like to present some words in webapp security area.

*SSRF - Server Side Request Forgery attacks. The ability to create
requests from the vulnerable server to intra/internet. Using a protocol
supported by available URI schemas, you can communicate with services
running on other protocols (smuggling).
*Slides:
http://www.slideshare.net/d0znpp/ssrf-attacks-and-sockets-smorgasbord-of-vulnerabilities
**Cheatsheet** httphttp://goo.gl/oRMhg <http://t.co/s50aBOWR>


Wish you interesting reading
Thx for attention.

//d0znpp  
<http://t.co/s50aBOWR>

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] [Security-news] SA-CONTRIB-2012-168 - Services - Information Disclosure
Next by Date: [Full-disclosure] [Security-news] SA-CONTRIB-2012-172 - Zero Point - Cross Site Scripting (XSS)
Previous by thread: [Full-disclosure] [Security-news] SA-CONTRIB-2012-168 - Services - Information Disclosure
Next by thread: [Full-disclosure] [Security-news] SA-CONTRIB-2012-172 - Zero Point - Cross Site Scripting (XSS)
Index(es):
- Date
- Thread