BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: Silent Spring: Prototype Pollution Leads to Remote C
 ode\n   Execution in Node.js\n   When: Saturday\, Aug 12\, 17:00 - 17:20 P
 DT\n   Where: Caesars Forum - Forum - 105\,135\,136 - Track 1 - [1]Map\n  
  Speakers:Mikhail Shcherbakov\,Musard Balliu\n\n   SpeakerBio:Mikhail Shch
 erbakov \, KTH Royal Institute of Technology\n   Mikhail Shcherbakov came 
 to security from enterprise app development.\n   The tendency is to push i
 t as far as you can… He is now doing a\n   Ph.D. in Language-Based Secur
 ity after 10+ years of experience in the\n   industry. He participated in 
 Microsoft\, GitHub\, and open-source bug\n   bounty programs\, found vulne
 rabilities in popular products\, and helped\n   to fix them. Before starti
 ng a Ph.D. program\, he focused on .NET and\n   web security\, gave talks 
 at conferences\, organized IT meetups\, and got\n   the Microsoft MVP Awar
 d in 2016 – 2018. Mikhail is an author of\n   commercial static analysis
  tools and continues research in program\n   analysis.\n   Twitter: [2]@yu
 5k3\n\n   SpeakerBio:Musard Balliu \, KTH Royal Institute of Technology\n 
   No BIO available\n\n   Description:\n   Many have heard about Prototype 
 Pollution vulnerabilities in\n   JavaScript applications. This kind of vul
 nerability allows an attacker\n   to inject properties into an object's ro
 ot prototype that may lead to\n   flow control alteration and unexpected p
 rogram behavior. Every time a\n   successful exploit looks like magic or i
 s limited to a denial of\n   service (DoS). Would you be surprised if I to
 ld you that every\n   application has a chain of methods that can be trigg
 ered by Prototype\n   Pollution and leads to arbitrary code execution? Suc
 h gadgets\n   populated Node.js core code and popular NPM packages. Keep c
 alm. Not\n   every app can be exploited! However\, this fact increases the
  risk of\n   exploitation many times over.\n\n   In our research\, we stud
 ied Prototype Pollution beyond DoS and\n   analyzed Node.js source code ag
 ainst the gadgets. We then analyzed 15\n   popular Node.js apps from GitHu
 b and got 8 RCEs. Through this talk\, I\n   will elaborate on the detected
  gadgets and vulnerabilities. We will\n   also take a look at how the rece
 nt changes in Node.js mitigate these\n   issues.\n\n   REFERENCES\n\n   Mi
 khail Shcherbakov\, Musard Balliu and Cristian-Alexandru Staicu\n   "Silen
 t Spring: Prototype Pollution Leads to Remote Code Execution in\n   Node.j
 s" [3]https://github.com/yuske/silent-spring/blob/master/silent-spring-ful
 l-version.pdf\n   Gareth Heyes "Server-side prototype pollution: Black-box
  detection\n   without the DoS" [4]https://portswigger.net/research/server
 -side-prototype-pollution\n   Michał Bentkowski "Exploiting prototype pol
 lution – RCE in Kibana\n   (CVE-2019-7609)" [5]https://research.securitu
 m.com/prototype-pollution-rce-kibana-cve-2019-7609/\n   Olivier Arteau "Pr
 ototype Pollution Attack in NodeJS application" [6]https://github.com/HoLy
 VieR/prototype-pollution-nsec18/blob/master/paper/JavaScript_prototype_pol
 lution_attack_in_NodeJS.pdf\n\n   '\n\n   1. #CaesarsForumBR\n   2. https:
 //twitter.com/yu5k3\n   3. https://github.com/yuske/silent-spring/blob/mas
 ter/silent-spring-full-version.pdf\n   4. https://portswigger.net/research
 /server-side-prototype-pollution\n   5. https://research.securitum.com/pro
 totype-pollution-rce-kibana-cve-2019-7609/\n   6. https://github.com/HoLyV
 ieR/prototype-pollution-nsec18/blob/master/paper/JavaScript_prototype_poll
 ution_attack_in_NodeJS.pdf\n\n\n
DTEND:20230813T002000Z
DTSTART:20230813T000000Z
LOCATION:DC - Caesars Forum - Forum - 105\,135\,136 - Track 1
SUMMARY:Silent Spring: Prototype Pollution Leads to Remote Code Execution i
 n Node.js
END:VEVENT
END:VCALENDAR
