BSidesDC 2014

Presenting at BSidesDC was an amazing experience. I feel so lucky that we have our very own local con, and I am extremely grateful to the organizing committee and other volunteers who make this event happen.

This is very similar to my DerbyCon talk, however it is 20 minutes longer which gave me time to walk through how to go from finding this vulnerability to exploiting it, including showing the audience how to create a POC SWF.  Also, I released SWF-Server, which will give you everything you need to create your own SWF to exploit this vulnerability.

Print Share Comment Cite Upload Translate

APA

() » BSidesDC 2014. Retrieved from https://www.truth.cx/2014/10/29/bsidesdc-2014/.

MLA

" » BSidesDC 2014." - , https://www.truth.cx/2014/10/29/bsidesdc-2014/

HARVARD

» BSidesDC 2014., viewed ,

VANCOUVER

- » BSidesDC 2014. [Internet]. [Accessed ]. Available from: https://www.truth.cx/2014/10/29/bsidesdc-2014/

CHICAGO

" » BSidesDC 2014." - Accessed . https://www.truth.cx/2014/10/29/bsidesdc-2014/

IEEE

" » BSidesDC 2014." [Online]. Available: https://www.truth.cx/2014/10/29/bsidesdc-2014/. [Accessed: ]

Select a language: Afrikaans Albanian Arabic Armenian Basque Bengali Bulgarian Catalan Cambodian Chinese (Mandarin) Croatian Czech Danish Dutch English Estonian Fiji Finnish French Georgian German Greek Gujarati Hebrew Hindi Hungarian Icelandic Indonesian Irish Italian Japanese Javanese Korean Latin Latvian Lithuanian Macedonian Malay Malayalam Maltese Maori Marathi Mongolian Nepali Norwegian Persian Polish Portuguese Punjabi Quechua Romanian Russian Samoan Serbian Slovak Slovenian Spanish Swahili Swedish Tamil Tatar Telugu Thai Tibetan Tonga Turkish Ukrainian Urdu Uzbek Vietnamese Welsh Xhosa Presenting at BSidesDC was an amazing experience. I feel so lucky that we have our very own local con, and I am extremely grateful to the organizing committee and other volunteers who make this event happen. <br /><br />This is very similar to my DerbyCon talk, however it is 20 minutes longer which gave me time to walk through how to go from finding this vulnerability to exploiting it, including showing the audience how to create a POC SWF.  Also, I released SWF-Server, which will give you everything you need to create your own SWF to exploit this vulnerability.<br /><br /><center><iframe allowfullscreen="" frameborder="0" height="315" src="https://www.youtube.com/embed/v5DIcAtnKRU" width="560"></iframe></center><br /><div style="text-align: left;">Download the project here: <a href="https://github.com/sethsec/crossdomain-exploitation-framework">https://github.com/sethsec/crossdomain-exploitation-framework</a></div><br /><br /><br /><br /> First name:

Last name: