Weaponizing Plain Text - ANSI Escape Sequences as a Forensic Nightmare
Offered By: Ekoparty Security Conference via YouTube
Course Description
Overview
Explore the dark side of log manipulation in this 49-minute conference talk from Ekoparty 2023. Dive into the world of ANSI escape sequences and their potential for injecting, vandalizing, and weaponizing plaintext logfiles in modern applications. Revisit a dormant vulnerability class, examining old terminal injection research and log tampering techniques from the 80s and 90s, while combining them with new features to create chaos in cloud CLIs, mobile devices, and DevOps terminal emulators. Learn about the consequences of malicious escape sequences in logfiles and discover preventive measures to ensure log data integrity. Join hacker and creative STÖK on this colorful ANSI adventure to understand the importance of trustworthy log data and how to avoid a potential forensic nightmare in application security.
Syllabus
Weaponizing Plain Text: ANSI Escape Sequences as a Forensic Nightmare -STOK - Ekoparty 2023
Taught by
Ekoparty Security Conference
Related Courses
Cybersecurity FundamentalsRochester Institute of Technology via edX Cyber Security in Manufacturing
University at Buffalo via Coursera Cybersecurity
Rochester Institute of Technology via edX Cyber Incident Response
Infosec via Coursera SSCP Cert Prep: 4 Incident Response and Recovery
LinkedIn Learning