Web Application Security
Whitepaper: RPO exploitation techniques Jul 01 2015 03:23AM
Takeshi Terada (mbsdtest01 gmail com)
Dear all,

MBSD released a whitepaper on RPO (Relative Path Overwrite) attack techniques.
http://www.mbsd.jp/Whitepaper/rpo.pdf

TOC
1. Introduction
2. Path manipulation techniques
2.1. Loading another file on IIS/ASP.NET
2.2. Loading another file on Safari/Firefox
2.3. Loading another file on WebLogic/IE
2.4. Loading file with query string on WebLogic+Apache
2.5. Attack possibility in other environments
3. Forcing IE's CSS expression via CV
4. Non-stylesheet RPO attacks
5. A path handling bug in CakePHP
6. Conclusion

As shown above, it includes several miscellaneous techniques
that can increase the exploitability of RPO.

Best regards,

--
Takeshi Terada
Mitsui Bussan Secure Directions, Inc.
http://www.mbsd.jp/

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus