Bypass Surgery: Abusing Content Delivery Networks With Server-Side-Request Forgery (SSRF), Flash, and DNS

Bypass Surgery: Abusing Content Delivery Networks With Server-Side-Request Forgery (SSRF), Flash, and DNS

It is unlikely when a bug affects almost every CDN and it becomes vulnerable, but when this happens the possibilities are endless and potentially disastrous. Imagine a Facebook worm giving an attacker full access to your bank account completely unbeknownst to you, until seven Bentleys, plane tickets for a herd of llamas, a mink coat once owned by P. Diddy, and a single monster cable all show up on your next statement. What a nightmare. But in all seriousness, thousands of websites relying on the most popular CDNs are at risk. While some application requirements may need a security bypass in order to work, these intentional bypasses can become a valuable link in an exploit chain. Our research has unveiled a collection of general attack patterns that can be used against the infrastructure that supports high availability websites. This is a story of exploit development with fascinating consequences.

Presented by