HTEXPLOIT BYPASSING HTACCESS RESTRICTIONS

Black Hat USA 2012

Presented by: Matias Katz, Maximiliano Soler
Date: Wednesday July 25, 2012
Time: 14:35 - 14:55
Location: Augustus III+IV
Track: Upper Layers

HTExploit is an open-source tool written in Python that exploits a weakness in the way that htaccess files can be configured to protect a web directory with an authentication process. By using this tool anyone would be able to list the contents of a directory protected this way, bypassing the authentication process.

Maximiliano Soler

Maximiliano Soler lives in Buenos Aires, Argentina and currently works as Security Analyst, in a International Bank. Maxi has discovered vulnerabilities in different applications Web and Microsoft's products.

Matias Katz

Matias Katz is a Penetration Tester who specializes Web security analysis. He loves to build simple tools to perform discovery and exploitation on any software or network. Also, he is Super Mario World master!!


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats