[ Ivan.Markovic @ 01.07.2011. 09:25 ] @
The original idea of HTTP PARAMETER CONTAMINATION (HPC) comes from the innovative approach found in HPP research, by exploring deeper and exploiting strange behaviors in Web Server components, Web Applications and Browsers as a result of query string parameter contamination with reserved or unexpected characters.

Download: http://netsec.rs/files/Http%20...0-%20Ivan%20Markovic%20NSS.pdf


Comments, ideas, corrections?
[ EArthquake @ 03.07.2011. 15:56 ] @
Interesting, especially the tricks for bypassing WAFs.

Some time ago I tested a few different WAFs; with closer study, especially of those whose source is
available, small bypass tricks can be found more or less easily.

As for the various web technologies, it would be interesting to study the way applications are written.
For example, with Java, i.e. JSP and servlets, there are certain unwritten rules that programmers follow;
the style in which applications are written might itself contain further ideas for attacks.

By that I mean the more advanced Java technologies, OR mappers, Hibernate and the like...

Do you know of any book/paper that deals with web exploits specifically for the Java platform?
[ Ivan.Markovic @ 05.07.2011. 22:47 ] @
Quote:
... there are certain unwritten rules that programmers follow; the style in which applications are written might itself contain further ideas for attacks ...


I have thought about this topic as well, and it certainly should be explored, but that would require a large number of people taking part in the analysis ...
[ Ivan.Markovic @ 28.08.2011. 14:40 ] @
Quote:
To continue investigating the Http Parameter Contamination (HPC) attack, I’ve done some primitive fuzzing in the environments which had not been covered in the original research of Ivan Markovic. It must be mentioned, that I have not found out anything new. On the other hand, an interesting feature of the Python interpreter was revealed; I also got a payload exploit for conducting a denial-of-service attack against the Tomcat server:) But I won’t disclose anything else about the latter so far.


http://ptresearch.blogspot.com/2011/08/http-parameter-contamination-more.html