Категории

I Am Whoever I Say I Am: Infiltrating Identity Providers Using a 0Click Exploit

Опубликовано: 25 Январь 2025
на канале: Black Hat
6,140
116

To begin with, I will cover the foundational use-case for IAM solutions and some past in the wild attacks (ITW) attacks with the extent of their impact. Continuing, I will present the approach I took with the audit including the challenges and pitfalls that I was faced with and how I overcame them. The result concluding with an unauthenticated remote code execution as root by chaining multiple vulnerabilities on a very popular IAM solution used by several Fortune 500 companies and government organizations.

Presented by Steven Seeley
Full Abstract & Presentation Materials: https://www.blackhat.com/us-22/briefi...

play_arrow
39,034
790

Spider-Man: The Series | Smallville Style [Season 9]

Spider-Man: The Series | Smallville Style [Season 9]
play_arrow
2,289
8

00:00:00

Thrill Asia Continuity | 27 July 2023

Thrill Asia Continuity | 27 July 2023
play_arrow
11,883
313

Apple TV+ Is Free This Weekend: Here’s What You Should Watch

Apple TV+ Is Free This Weekend: Here’s What You Should Watch
play_arrow
950
85

Penelope Toasted Barrel Finish Straight Bourbon

Penelope Toasted Barrel Finish Straight Bourbon
play_arrow
117,692
5.7 тыс

Алия Молдагулова

Алия Молдагулова
play_arrow
7,286
like

Iman Wale Ko Jannat Mein Kya Kya Milega ? Maulana Umar Sahab Palanpuri (RA) Bayan

Iman Wale Ko Jannat Mein Kya Kya Milega ? Maulana Umar Sahab Palanpuri (RA) Bayan
play_arrow
410
14

Reiwa no Di Gi Charat Opening Sub Español + Karaoke

Reiwa no Di Gi Charat Opening Sub Español + Karaoke
play_arrow
158
0

UGears Old Clock Tower 3D Wooden Puzzle Models to Build, Birthday Gift for Kids, DIY STEM Models

UGears Old Clock Tower 3D Wooden Puzzle Models to Build, Birthday Gift for Kids, DIY STEM Models
Похожие видео
play_arrow
Keynote - Securing Our Cyberspace Together

Keynote - Securing Our Cyberspace Together
play_arrow
Fireside Chat: Jeff Moss and Ruimin He

Fireside Chat: Jeff Moss and Ruimin He
play_arrow
LinkDoor: A Hidden Attack Surface in the Android Netlink Kernel Modules

LinkDoor: A Hidden Attack Surface in the Android Netlink Kernel Modules
play_arrow
Emerging Frontiers: Insights from the Black Hat Asia Review Board

Emerging Frontiers: Insights from the Black Hat Asia Review Board
play_arrow
What the TrustZone-M Doesn't See, the MCU Does Grieve Over: Lessons Learned

What the TrustZone-M Doesn't See, the MCU Does Grieve Over: Lessons Learned
play_arrow
The Hack@DAC Story: Learnings from Organizing the World's Largest Hardware Hacking Competition

The Hack@DAC Story: Learnings from Organizing the World's Largest Hardware Hacking Competition
play_arrow
Privacy Detective: Sniffing Out Your Data Leaks for Android

Privacy Detective: Sniffing Out Your Data Leaks for Android
play_arrow
Debug7: Leveraging a Firmware Modification Attack for Remote Debugging of Siemens S7 PLCs

Debug7: Leveraging a Firmware Modification Attack for Remote Debugging of Siemens S7 PLCs
play_arrow
The Final Chapter: Unlimited ways to bypass your macOS privacy mechanisms

The Final Chapter: Unlimited ways to bypass your macOS privacy mechanisms
play_arrow
One Flip is All It Takes: Identifying Syscall-Guard Variables for Data-Only Attacks

One Flip is All It Takes: Identifying Syscall-Guard Variables for Data-Only Attacks
play_arrow
Faults in Our Bus: Novel Bus Fault Attack to Break Trusted Execution Environments

Faults in Our Bus: Novel Bus Fault Attack to Break Trusted Execution Environments
play_arrow
You Shall Not PASS - Analysing a NSO iOS Spyware Sample

You Shall Not PASS - Analysing a NSO iOS Spyware Sample