Upgrade to Pro — share decks privately, control downloads, hide ads and more …

One Weird Kernel Trick: Hijacking IPython Webso...

Avatar for Kyle Kelley Kyle Kelley
July 10, 2014
Programming
2
1k

One Weird Kernel Trick: Hijacking IPython Websockets

Lightning talk at #SciPy2014. Vulnerability disclosure of cross domain websocket hijacking in the IPython notebook. https://twitter.com/rgbkrk/status/487369535456935936

See also: http://lambdaops.com/cross-origin-websocket-hijacking-of-ipython
Avatar for Kyle Kelley

Kyle Kelley

July 10, 2014
Tweet

More Decks by Kyle Kelley

See All by Kyle Kelley
Notebooks: Tools for LLMs
Avatar for Kyle Kelley rgbkrk
0
45
Jupyter Frontends: From the classic Jupyter Notebook, to JupyterLab, nteract and beyond
Avatar for Kyle Kelley rgbkrk
0
3.6k
ephemeral docker workloads with jupyter at pytn
Avatar for Kyle Kelley rgbkrk
2
350
tmpnb at PyTexas
Avatar for Kyle Kelley rgbkrk
1
930
Is This Your Pipe? Hijacking the Build Pipeline
Avatar for Kyle Kelley rgbkrk
1
1.6k

Other Decks in Programming

See All in Programming
最速Green Tea 🍵 Garbage Collector
Avatar for kuro kuro_kurorrr
1
130
AIコーディングエージェントを 「使いこなす」ための実践知と現在地 in ログラス / How to Use AI Coding Agent in Loglass
Avatar for r-kagaya rkaga
4
1.4k
Boost Your Performance and Developer Productivity with Jakarta EE 11
Avatar for ivargrimstad ivargrimstad
0
890
M5UnitUnified 最新動向 2025/05
Avatar for GOB gob
0
140
エンジニアが挑む、限界までの越境
Avatar for Nealle nealle
1
330
私のRubyKaigi 2025 Kaigi Effect / My RubyKaigi 2025 Kaigi Effect
Avatar for chobishiba chobishiba
1
130
プロダクトエンジニアのしごと 〜 受託 × 高難度を乗り越えるOptium開発 〜
Avatar for ALGO ARTIS algoartis
0
230
Embracing Ruby magic
Avatar for Vinicius Stock vinistock
2
250
Jakarta EE Meets AI
Avatar for ivargrimstad ivargrimstad
0
920
「MCPを使ってる人」が より詳しくなるための解説
Avatar for Kota-Yamaguchi yamaguchidesu
0
180
JAWS DAYS 2025 re_Cheers: WEB
Avatar for komakichi komakichi
0
120
flutter_kaigi_mini_4.pdf
Avatar for Hiroki Nobuta nobu74658
0
150

Featured

See All Featured
Measuring & Analyzing Core Web Vitals
Avatar for Philip Tellis bluesmoon
7
420
Fight the Zombie Pattern Library - RWD Summit 2016
Avatar for Marcelo Somers marcelosomers
233
17k
Large-scale JavaScript Application Architecture
Avatar for Addy Osmani addyosmani
512
110k
Done Done
Avatar for chrislema chrislema
184
16k
A better future with KSS
Avatar for Kyle Neath kneath
239
17k
Put a Button on it: Removing Barriers to Going Fast.
Avatar for kastner kastner
60
3.8k
Designing for humans not robots
Avatar for Tammie Lister tammielis
253
25k
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
42
7.5k
Producing Creativity
Avatar for Steve Smith orderedlist
PRO
344
40k
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
693
190k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
Avatar for Stéphanie Walter stephaniewalter
280
13k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
Avatar for Irina Nazarova irinanazarova
8
700

Transcript

  1. One Weird Kernel Trick Hijacking IPython Websockets

  2. The IPython Notebook • Runs code on your (laptop |

    server | cluster | pi) • From your browser… • JavaScript -> Notebook Server -> Kernel • Kernel.execute

  3. Kernels and websockets

  4. Kernel Notebook Server ! http://127.0.0.1:8888 Kernel

  5. Hijacking Websockets

  6. Kernel Notebook Server ! http://127.0.0.1:8888 Kernel MALICIOUS Server ! kerneltricks.com

    NEW TAB!!!

  7. ws://127.0.0.1:8888/kernels

  8. Kernel Notebook Server ! http://127.0.0.1:8888 Kernel MALICIOUS Server ! kerneltricks.com

  9. !

  10. Mitigations • Kernel ID is a UUID, randomly generated •

    Using an authenticated notebook server protects you from this issue • Fixed in IPython 1.2+, 2.x series

  11. Let’s talk security

  12. [email protected]