BloomTech’s Downfall: A Long Time Coming

FileCry - The New Age of XXE

FileCry - The New Age of XXE

Black Hat via YouTube Direct link

Introduction

1 of 35
Next

1 of 35

Introduction

Class Central Classrooms beta

YouTube playlists curated by Class Central.

Classroom Contents

FileCry - The New Age of XXE

Automatically move to the next video in the Classroom when playback concludes
  1. 1 Introduction
  2. 2 Defending Against External Entities
  3. 3 External Entities
  4. 4 ZeroDay
  5. 5 Resolvers
  6. 6 Nested Exception
  7. 7 Cause Exception
  8. 8 Exception
  9. 9 ASP
  10. 10 Disable External Entities
  11. 11 Parsers
  12. 12 Disable Protocols
  13. 13 What are we targeting
  14. 14 Browser history
  15. 15 Vulnerability trigger
  16. 16 quirks mode
  17. 17 vulnerable mode
  18. 18 how to parse XML
  19. 19 how to exploit the vulnerability
  20. 20 payload
  21. 21 parse
  22. 22 bypass similar policies
  23. 23 example
  24. 24 click on link
  25. 25 second demo
  26. 26 limitations
  27. 27 parse error
  28. 28 cookie files
  29. 29 enumerate
  30. 30 extra treat
  31. 31 who is vulnerable
  32. 32 update
  33. 33 conclusions
  34. 34 Thank you
  35. 35 Questions

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.