YoVDO

SSRF vs Business Critical Applications

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Penetration Testing Courses Server-Side Request Forgery (SSRF) Courses Security Vulnerabilities Courses

Course Description

Overview

Explore a comprehensive analysis of Server Side Request Forgery (SSRF) attacks and their impact on business-critical applications in this Black Hat USA 2012 conference talk. Delve into the intricacies of SSRF vulnerabilities, with a focus on XXE Tunneling, and learn how these techniques can bypass multiple layers of security defenses. Discover how attackers can exploit trusted sources to compromise secured systems, using SAP as a practical example. Examine various SSRF vulnerabilities that enable internal network port scanning, unauthorized HTTP requests, and backend bruteforcing. Gain insights into the powerful XXE Tunneling technique and its potential to reopen old attack vectors and create new ones in business-critical systems. Learn about the OWASP-EAS project's XXEScanner tool, designed to gather critical information, perform scans, and execute attacks on vulnerable hosts or backends. Understand the implications of these attacks on enterprise resource planning (ERP) systems, portals, business intelligence platforms, and industrial control systems.

Syllabus

Intro
2 ERP Scan
Enterprise applications: Definitions
Business-critical systems architecture
Secure corporate network
Corporate network attack scenario
SSRF History: Basics
SSRF history: World research
Trusted SSRF: Oracle Database
SSRF Types: SAP
Remote SSRF: Subtypes
Simple Remote SSRF: Login bruteforce
XXE Attacks on other services
Full Remote SSRF
Remote SSRF threats
XXE Tunneling to Verb Tampering
XXE Tunneling to Buffer Overflow (Hint 2)
XXE Tunneling to Buffer Overflow: Packet B
XXE Tunneling to Buffer Overflow (Hint 3)
XXE Tunneling to Rsh
Bypass SAP security restrictions
SAP Gateway server security bypass: Exploit
SAP Message Server security bypass
Oracle DB security bypass
Conclusion?
Purpose
How is it working?
Few steps
Action: Test
Action: Scan
Action: Attack
DEMO


Taught by

Black Hat

Related Courses

Blockchain Scalability and its Foundations in Distributed Systems
The University of Sydney via Coursera
Don's Introduction to Ethical Hacking for Beginners
Udemy
Hacking und Netzwerkanalyse mit Wireshark - Der Komplettkurs
Udemy
Penetration Testing of Identity, Authentication and Authorization Mechanism
Pluralsight
ASP.NET MVC 5 Identity: Authentication and Authorization
LinkedIn Learning