How I Met Your Girlfriend: The Discovery And Execution Of Entirely New Classes Of Web Attacks In Order To Meet Your Girlfriend.
No ratings
Presented at OWASP AppSec Brasil 2010 by
This includes entertaining and newly discovered attacks including PHP session prediction and random numbers (accurately guessing PHP session cookies), browser protocol confusion (turning a browser into an SMTP server), firewall and NAT penetration via Javascript (turning your router against you), remote iPhone Google Maps hijacking (iPhone penetration combined with HTTP man-in-themiddle), extracting extremely accurate geolocation information from a Web browser (not using IP geolocation), and more.