Talks The HTTP GET attack

A surprisingly simple security vulnerability can have massive implications: Files laying around on web servers, accessible for anyone to download.

Git repositories, database dumps, backup files of PHP scripts, configuration files with login credentials or core dumps from application crashes - there are various files that end up on webservers. By guessing common filenames it is very often possible to download secret data from web servers.

Links


Instances

  • Sunday Aug. 27 15:30 - 16:30

Speakers