YoVDO

Prototype Pollution Leads to RCE - Gadgets Everywhere

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Javascript Courses Node.Js Courses Remote Code Execution Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the critical security implications of Prototype Pollution vulnerabilities in JavaScript applications through this 40-minute Black Hat conference talk. Delve into how these vulnerabilities can be exploited beyond simple denial of service attacks, potentially leading to remote code execution. Discover the prevalence of exploitable gadgets in Node.js core code and popular NPM packages that can be triggered by Prototype Pollution. Learn about the research conducted by Mikhail Shcherbakov, analyzing Node.js source code for these dangerous gadgets and understanding the increased risk of exploitation in various applications. Gain valuable insights into this often underestimated security threat and its potential for severe consequences in JavaScript ecosystems.

Syllabus

Prototype Pollution Leads to RCE: Gadgets Everywhere


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube