Dailydave mailing list archives

Poc 2007 notes


From: Dave Aitel <dave () immunityinc com>
Date: Thu, 15 Nov 2007 18:13:59 -0500


So yesterday there were quite a few talks - POC starts early and goes
fairly late. I feel bad for the translators because the English-speaking
presenters tend to get nervous (myself included) and burn through their
first 15 slides at a crazy clip before settling down into a staccato
approach more suitable for simul-translation.

If I understood correctly, one of the things we saw yesterday is that
you can put a server: header into an HTTP response to Nessus 3.0 and get
CSS, much like someone did to SILICA. According to the presentation the
filtering is a bit broken, so this is still possible - and by using Java
you get command execution out of it, so it's reasonably useful in some
rare situations.

Today there's a VMware talk I'm looking forward to, but there won't be
any 0day technical details, just a demo.

- -dave

