$30 off During Our Annual Pro Sale. View Details »

Unveiling Web Cache Poisoning and Deception

BreachForce
February 03, 2024
Technology
0
12

Unveiling Web Cache Poisoning and Deception

Title: Understanding Web Cache Poisoning and Deception Attacks
Presenter: Saurabh Tiwari
Event: BreachForce CyberSecurity Cohort
Talk Date: 3rd February, 2024

Saurabh Tiwari's presentation explores the fundamentals of web cache poisoning and deception attacks, shedding light on these critical security threats. The slides feature demonstrations of essential pentesting tools for identifying and assessing vulnerabilities in web applications. This presentation provides valuable insights and practical techniques for strengthening your security measures along with demonstrations of pentesting tools for vulnerability assessment.

BreachForce

February 03, 2024
Tweet

More Decks by BreachForce

See All by BreachForce
Active Directory Security Workshop by Chirag Savla
breachforce
0
25
Art of Smuggling HTTP Requests
breachforce
0
3
COOL RECON TECHNIQUES EVERY HACKER MISSES
breachforce
0
11
Can Request Encryption Fix Your Web Apps?
breachforce
0
12
iOS App Pentesting Discover Exploit Secure
breachforce
0
4
Phone Systems and their security
breachforce
0
8
Cybersecurity for Satellites by Jaden Furtado
breachforce
0
9
Nmap in Depth by Nathaniel Fernandes
breachforce
0
4
Understanding SOC: The heartbeat of Cybersecurity and Network Infrastructure
breachforce
0
5

Other Decks in Technology

See All in Technology
Yahoo! JAPANトップページにおけるマイクロフロントエンド - 大規模組織におけるFE開発を加速させるには
lycorptech_jp
PRO
0
1.5k
CDCL による厳密解法を採用した MILP ソルバー
imai448
5
420
セキュリティベンダー/ユーザー双方の視点で語る、 Attack Surface Managementの実践 - Finatextパート / cloudnative-architecture-of-asm
stajima
0
1.9k
TypeScript100%で作るMovable Typeプラグイン
usualoma
2
190
情シスの引継ぎが大変という話
miyu_dev
1
270
Amazon Forecast亡き今、我々がマネージドサービスに頼らず時系列予測を実行する方法
sadynitro
0
200
SRE×AIOpsを始めよう!GuardDutyによるお手軽脅威検出
amixedcolor
1
290
セキュリティ運用って包括的にできていますか?SaaSを使って次のステップへ / Comprehensive Cyber Security Operations for Cloud Services Using SaaS
sakaitakeshi
0
240
SkiaとImpellerについて
moriya0130
0
200
Postman Flowsで作るAPI連携LINE Bot
miura55
0
210
アジャイルでの品質の進化 Agile in Motion vol.1/20241118 Hiroyuki Sato
shift_evolve
0
220
モバイルアプリ開発未経験者が プロダクト開発に携わるまでに取り組んだこと/nikkei-tech-talk-27-3
nikkei_engineer_recruiting
0
110

Featured

See All Featured
How to train your dragon (web standard)
notwaldorf
88
5.7k
Writing Fast Ruby
sferik
627
61k
Testing 201, or: Great Expectations
jmmastey
39
7.1k
Why Our Code Smells
bkeepers
PRO
334
57k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
111
49k
Building Better People: How to give real-time feedback that sticks.
wjessup
364
19k
Building Adaptive Systems
keathley
38
2.3k
Automating Front-end Workflow
addyosmani
1366
200k
Stop Working from a Prison Cell
hatefulcrawdad
267
20k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
329
21k
The Power of CSS Pseudo Elements
geoffreycrofte
73
5.3k
Rails Girls Zürich Keynote
gr2m
94
13k

Transcript

  1. z Web Cache Attacks Saurabh Tiwari

  2. z What is Web Cache? The purpose of the cache

    is to reduce the response time of the web server.
  3. None
  4. None
  5. None

  6. z What Are Cache Keys?  Whenever a cache receives

    a request for a resource, it has to check if it has the same copy to reply with or whether it has to forward to respective servers.  As this is quite tricky, few components of the HTTP request are used as an identity to do so, called the cache-keys.  If the cache key of an incoming request matches the key of a previous request, then the cache considers them to be equivalent.

  7. z What Are Unkeyed Headers?

  8. Impact of Web Cache Poisoning : DOS, XSS & More!

  9. None

  10. Countermeasures against Web Cache Poisoning Implementing effective countermeasures is crucial

    in defending your website against web cache poisoning attacks. • Cache key normalization: Normalizing cache keys can help prevent variations due to input formatting or case sensitivity. • Validate user input: Implementing strict input validation and sanitization techniques can prevent injection attacks that can lead to cache poisoning. These techniques include input filtering, parameter safelisting, and regular expression checks. • Cache-control headers: Cache-control headers help enforce caching behavior and mitigate risks. For example, using headers like “no-store” and “no-cache” can prevent the caching of sensitive data. • Use web application firewalls (WAF): Deploying a robust WAF can help detect and block cache poisoning attempts. WAFs analyze incoming requests and identify suspicious patterns that indicate cache poisoning. We can configure the WAF to alert or block these requests to provide an additional layer of defense against such attacks.
  11. None
  12. None
  13. None
  14. None
  15. None
  16. None
  17. None
  18. None
  19. None

  20. Conditions: 1. Web cache functionality is set for the web

    application to cache files by their extensions, disregarding any caching header. 2. When accessing a page like http://www.example.com/home.php/non-existent.css, the web server will return the content of "home.php" for that URL.
  21. None

  22. REFERENCES: 1. Web cache deception attack – original blog http://omergil.blogspot.co.il/2017/02/web-cache-deception-attack.html

    2. Web cache deception attack in PayPal home page https://www.youtube.com/watch?v=pLte7SomUB8 3. Understanding our cache and the web cache deception attack – Cloudflare blog https://blog.cloudflare.com/understanding-our-cache-and-the-web-cache-deception-attack/ 4. On web cache deception attacks – Akamai blog https://blogs.akamai.com/2017/03/on-web-cache-deception-attacks.html

  23. z About Me  Saurabh Tiwari  22  IT

    Security Analyst @ MobiTrail Org.  Pentester @ One of he World’s Largest E-Payment Services  Student  One of the Moderators of BreachForce Community

  24. THANKS | linkedin.com/in/saurabh-tiwari-5315801b5 @Zodiac_Minati