DeepSec 2013 Video: The Boomerang Effect – Using Session Puzzling To Attack Apps From The Backend

René Pfeiffer/ February 9, 2014/ Conference, Security

Attacking fortified positions head on looks good on the silver screen. Real life attackers have no sense for drama and special effects. Battering closed doors will get you nowhere fast. Instead modern adversaries take a good look at open doors and exploit them to get what they want. Security specialists know about the dangers of management interfaces (also known as backends). This is one main focus of denying unauthorised access. Once a backend is exposed, the consequences can be very fatal to your digital assets.

At the DeepSec 2013 conference Shay Chen (Hacktics ASC, Ernst & Young) explained how attacks originating from backends look like and what attackers can do once they gained foothold.

Share this Post

About René Pfeiffer

System administrator, lecturer, hacker, security consultant, technical writer and DeepSec organisation team member. Has done some particle physics, too. Prefers encrypted messages for the sake of admiring the mathematical algorithms at work.