![]() Step 2: The attacker sends a GET request for the cached page: The caching mechanism identifies the resource as an image, caching it.The application ignores the 'test.jpg' part of the URL, the victim profile page is loaded. ![]() Step 1: An attacker entices the victim to open a maliciously crafted link: These preconditions can be exploited for the Web Cache Deception attack in the following manner: All subsequent requests for the image are retrieved from cache, responding with the same resource that was initially cached (for as long as the cache timeout is set). Would be retrieved from the application server the first time the image is requested. The application only reads the first part of the URL to determine the resource to return. The attack depends on a very specific set of circumstances to make the application vulnerable:ġ. ** Of course, this attack only makes sense when the vulnerable resource available to the attacker returns sensitive data.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |