WebApp Sec mailing list archives
Whitepaper: RPO exploitation techniques
From: Takeshi Terada <mbsdtest01 () gmail com>
Date: Wed, 1 Jul 2015 12:23:28 +0900
Dear all, MBSD released a whitepaper on RPO (Relative Path Overwrite) attack techniques. http://www.mbsd.jp/Whitepaper/rpo.pdf TOC 1. Introduction 2. Path manipulation techniques 2.1. Loading another file on IIS/ASP.NET 2.2. Loading another file on Safari/Firefox 2.3. Loading another file on WebLogic/IE 2.4. Loading file with query string on WebLogic+Apache 2.5. Attack possibility in other environments 3. Forcing IE's CSS expression via CV 4. Non-stylesheet RPO attacks 5. A path handling bug in CakePHP 6. Conclusion As shown above, it includes several miscellaneous techniques that can increase the exploitability of RPO. Best regards, -- Takeshi Terada Mitsui Bussan Secure Directions, Inc. http://www.mbsd.jp/ This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------
Current thread:
- Whitepaper: RPO exploitation techniques Takeshi Terada (Jul 01)