Return to schedule

The HTTP GET attack Feedback

A surprisingly simple security vulnerability can have massive implications: Files laying around on web servers, accessible for anyone to download.

Git repositories, database dumps, backup files of PHP scripts, configuration files with login credentials or core dumps from application crashes - there are various files that end up on webservers. By guessing common filenames it is very often possible to download secret data from web servers.

Links


Speakers for The HTTP GET attack:


Metadata for The HTTP GET attack

To be recorded: Yes

URLs for The HTTP GET attack

Recording: https://www.youtube.com/watch?v=y7xDHXTDtwo


Schedule for The HTTP GET attack

  • Sunday, Aug 27th, 2017, 15:30 (CEST) - Sunday, Aug 27th, 2017, 16:30 (CEST) at Speakers Tent