Upgrade to Pro — share decks privately, control downloads, hide ads and more …

One Weird Kernel Trick: Hijacking IPython Webso...

Kyle Kelley
July 10, 2014
Programming
2
950

One Weird Kernel Trick: Hijacking IPython Websockets

Lightning talk at #SciPy2014. Vulnerability disclosure of cross domain websocket hijacking in the IPython notebook. https://twitter.com/rgbkrk/status/487369535456935936

See also: http://lambdaops.com/cross-origin-websocket-hijacking-of-ipython

Kyle Kelley

July 10, 2014
Tweet

More Decks by Kyle Kelley

See All by Kyle Kelley
Notebooks: Tools for LLMs
rgbkrk
0
34
Jupyter Frontends: From the classic Jupyter Notebook, to JupyterLab, nteract and beyond
rgbkrk
0
3.5k
ephemeral docker workloads with jupyter at pytn
rgbkrk
2
330
tmpnb at PyTexas
rgbkrk
1
900
Is This Your Pipe? Hijacking the Build Pipeline
rgbkrk
1
1.5k

Other Decks in Programming

See All in Programming
アジャイルを支えるテストアーキテクチャ設計/Test Architecting for Agile
goyoki
9
3.3k
Amazon Bedrock Agentsを用いてアプリ開発してみた!
har1101
0
330
ピラミッド、アイスクリームコーン、SMURF: 自動テストの最適バランスを求めて / Pyramid Ice-Cream-Cone and SMURF
twada
PRO
10
1.3k
ActiveSupport::Notifications supporting instrumentation of Rails apps with OpenTelemetry
ymtdzzz
1
230
Jakarta EE meets AI
ivargrimstad
0
510
Flutterを言い訳にしない!アプリの使い心地改善テクニック5選🔥
kno3a87
1
140
Compose 1.7のTextFieldはPOBox Plusで日本語変換できない
tomoya0x00
0
190
RubyLSPのマルチバイト文字対応
notfounds
0
120
Jakarta EE meets AI
ivargrimstad
0
120
Jakarta Concurrencyによる並行処理プログラミングの始め方 (JJUG CCC 2024 Fall)
tnagao7
1
290
Jakarta EE meets AI
ivargrimstad
0
580
距離関数を極める! / SESSIONS 2024
gam0022
0
280

Featured

See All Featured
A Modern Web Designer's Workflow
chriscoyier
693
190k
How To Stay Up To Date on Web Technology
chriscoyier
788
250k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
27
4.3k
Visualization
eitanlees
145
15k
A designer walks into a library…
pauljervisheath
203
24k
What's in a price? How to price your products and services
michaelherold
243
12k
Speed Design
sergeychernyshev
24
610
Navigating Team Friction
lara
183
14k
The Invisible Side of Design
smashingmag
298
50k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
665
120k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
27
840
5 minutes of I Can Smell Your CMS
philhawksworth
202
19k

Transcript

  1. One Weird Kernel Trick Hijacking IPython Websockets

  2. The IPython Notebook • Runs code on your (laptop |

    server | cluster | pi) • From your browser… • JavaScript -> Notebook Server -> Kernel • Kernel.execute

  3. Kernels and websockets

  4. Kernel Notebook Server ! http://127.0.0.1:8888 Kernel

  5. Hijacking Websockets

  6. Kernel Notebook Server ! http://127.0.0.1:8888 Kernel MALICIOUS Server ! kerneltricks.com

    NEW TAB!!!

  7. ws://127.0.0.1:8888/kernels

  8. Kernel Notebook Server ! http://127.0.0.1:8888 Kernel MALICIOUS Server ! kerneltricks.com

  9. !

  10. Mitigations • Kernel ID is a UUID, randomly generated •

    Using an authenticated notebook server protects you from this issue • Fixed in IPython 1.2+, 2.x series

  11. Let’s talk security

  12. [email protected]