DEF CON 30 - Samuel Erb, Justin Gardner - Crossing the KASM - a Webapp Pentest Story
About this talk
In this talk we will tell the story of an insane exploit we used to compromise the otherwise secure KASM Workspaces software. KASM Workspaces is enterprise software for streaming virtual workstations to end users built on top of Docker. This talk will span python binary RE, header smuggling, configuration injection, docker networking and questionable RFC interpretation. We hope to show you a little bit of what worked and a lot a bit of what didn't work on our quest to exploit this Heisenbug.
Stay Updated
Get notified about new features and conference additions.
