Logical attacks

Presentation – Out of Scope

How We Can Find Logical Vulnerabilities

Agenda

Login Bypass

Exploiting Password Reset Vulnerabilities

Bypassing CSRF Protection

Exploiting Multi-Stage CSRF

Stealth CSRF Via Stored HPP

Rate Limiting Bypass

Captcha Bypass

Compromising Servers by FTP Password Change Using Insecure Direct Object Reference

Chaining Multiple Vulnerabilities

Exploiting Self-XSS

Logical DoS