Energy Company

WEB

ECSC 2019 - Team FR

Our mission

ECSC 2019 - Team FR

- Retrieve information on a server

- By exploiting 5 vulnerabilities

Our mission

ECSC 2019 - Team FR

- Retrieve information on a server

- By exploiting 5 vulnerabilities

 

- We deal with it, using only 2 vulnerabilities

Methodology

ECSC 2019 - Team FR

Methodology

ECSC 2019 - Team FR

Methodology

ECSC 2019 - Team FR

Methodology

ECSC 2019 - Team FR

Methodology

ECSC 2019 - Team FR

Conclusion

ECSC 2019 - Team FR

- A good enumeration has saved us time

 

- Sanitize users input

- Access control mechanism

- IDS / WAF

Energy Company

By Florian Charbonneau

Energy Company

  • 6
Loading comments...

More from Florian Charbonneau