Effective Denial of Service attacks against web application platforms
- Type
- Audio
- Tags
- DoS, web application
- Authors
- Alexander Klink, Julian Wälde
- Event
- Chaos Communication Congress 28th (28C3) 2011
- Indexed on
- Mar 27, 2013
- URL
- http://ftp.ccc.de/congress/28C3/mp3-audio-only/28c3-4680-en-effective_dos_attacks_against_web_application_platforms.mp3
- File name
- 28c3-4680-en-effective_dos_attacks_against_web_application_platforms.mp3
- File size
- 25.9 MB
- MD5
- 7a19a6cb48fe283ad0e9b5831ebcfa87
- SHA1
- 1cd7b39e25dc5a34d9b4bc379c1e5f1029b865a9
This talk will show how a common flaw in the implementation of most of the popular web programming languages and platforms (including PHP, ASP.NET, Java, etc.) can be (ab)used to force web application servers to use 99% of CPU for several minutes to hours for a single HTTP request. This attack is mostly independent of the underlying web application and just relies on a common fact of how web application servers typically work.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
