BSidesDC 2014

Presenting at BSidesDC was an amazing experience. I feel so lucky that we have our very own local con, and I am extremely grateful to the organizing committee and other volunteers who make this event happen.

This is very similar to my DerbyCon talk, however it is 20 minutes longer which gave me time to walk through how to go from finding this vulnerability to exploiting it, including showing the audience how to create a POC SWF.  Also, I released SWF-Server, which will give you everything you need to create your own SWF to exploit this vulnerability.






Comments

Popular posts from this blog

Exploiting Python Code Injection in Web Applications

Exploiting Server Side Request Forgery on a Node/Express Application (hosted on Amazon EC2)

Pentest Home Lab - 0x3 - Kerberoasting: Creating SPNs so you can roast them