Apache Struts, a once little known web application framework, is now common knowledge to enterprise attackers and defenders due to its extensive exploitation by attackers over the past two years. Attackers have leveraged three critical vulnerabilities to successfully exploit Apache Struts indiscriminately. This formed the basis of industry-wide attacks for profit as well as targeted attacks against prominent organizations. Many organizations believed that the existence of public signatures would offer detection and prevention of this activity but were disappointed.
This talk provides a detailed look at Apache Struts, the vulnerabilities and the exploit techniques leveraged by attackers to exploit systems in the wild. The talk then examines various public signatures built exclusively to detect Apache Struts exploits and explore the strengths/weaknesses discovered from validating these signatures during live engagements. The post mortem analysis is used to discuss robust detection authorship and end with a walkthrough of how one can author more robust capabilities to detect Apache Struts exploitation.
----
The idea behind x33fcon (pronounced /'zi:f-kɒn/) is to focus on a very specific need of the security industry: collaboration between blue and red teams (sometimes referred to as purple teaming) It is an event that brings both groups together, and everyone from both sides of the fence are invited to gather, share ideas and discuss thoughts on security.
Смотрите видео 06. x33fcon 2018 - Death by a Thousand Struts: A Defenders Tale by sixdub онлайн без регистрации, длительностью часов минут секунд в хорошем качестве. Это видео добавил пользователь x33fcon 13 Июнь 2018, не забудьте поделиться им ссылкой с друзьями и знакомыми, на нашем сайте его посмотрели 53 раз и оно понравилось 1 людям.