List: full-disclosure
Subject: [FD] Exploiting java deserialization vulnerabilities in crypto contexts - a java applet case-study
From: RedTimmy Security <redazione () segfault ! it>
Date: 2020-04-28 13:58:58
Message-ID: 433656939.558675.1588082338955 () webmail ! register ! it
Hi,
regardless of being a deprecated technology, there are still many legacy applications relying
on Java applets out there. A bit of time ago we were involved in an atypical web application
penetration test.
The difficulty consisted in the fact that the Java serialized payload responsible for
triggering the vulnerability was located inside the authenticated part of a digital
certificate, signed client-side with a private key stored in a HSM module.
In case you are interested, the full story is here:
https://www.redtimmy.com/web-application-hacking/how-we-invented-enumjavalibs-while-finding-a-java-deserialization-bug-and-achieving-rce/
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/