YoVDO

DataBinding2Shell - Novel Pathways to RCE Web Frameworks

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Ruby on Rails Courses Remote Code Execution (RCE) Courses Grails Courses Web Application Security Courses Remote Code Execution Courses

Course Description

Overview

Explore a comprehensive analysis of security vulnerabilities in DataBinding mechanisms across popular web frameworks. Delve into the research conducted on top frameworks like Spring, Struts, Grails, and Ruby on Rails, uncovering critical security bugs that can lead to remote code execution. Learn about the potential risks associated with DataBinding, moving beyond the well-known Mass Assignment issue to examine the security of the mechanism itself. Gain insights into novel attack vectors and understand the implications for web application security. This 37-minute Black Hat conference talk provides valuable information for developers, security professionals, and anyone interested in web framework vulnerabilities and exploitation techniques.

Syllabus

DataBinding2Shell: Novel Pathways to RCE Web Frameworks


Taught by

Black Hat

Related Courses

What's New in Grails 2.0
ChariotSolutions via YouTube Building Modern DSLs in Groovy
Devoxx via YouTube Creating RESTful Web Services with Grails 3
Devoxx via YouTube IntelliJ IDEA 15 Preview - New Features Overview
JetBrains via YouTube GRAIL - A Generalized Representation and Aggregation of Information Layers
EmacsConf and Emacs hangouts via YouTube