In this episode of Security Nation, Jen and Tod talk to James Kettle of PortSwigger. Their discussion includes research for new web-attack techniques and how those get field tested (hint: bug bounties). The research is kept fresh from donations gleaned from the bug bounty field tests. PortSwigger validates their research in the real world, and those advances in web-attack techniques are published and disseminated in and effort to fix bugs and misconfigurations.
Stick around for the Rapid Rundown, where Tod and Jen talk about the recent Fortinet advisory concerning the "silent patching" of bugs without disclosure of any real details – only to have attackers go and reverse it all anyway.
James Kettle
James 'albinowax' Kettle is Director of Research at PortSwigger. His latest work includes browser-powered desync attacks and web-cache poisoning. James has extensive experience cultivating novel attack techniques, including RCE via Server-Side Template Injection and abusing the HTTP Host header to poison password reset emails and server-side caches. James is also the author of various popular open-source tools including Param Miner, Turbo Intruder, and HTTP Request Smuggler. He is a frequent speaker at numerous prestigious venues, including both Black Hat USA and EU, OWASP AppSec USA and EU, and DEFCON.
Show notes
Interview links
Prior Security Nation episode in which loads of Portswigger references were dropped:https://www.rapid7.com/blog/post/2021/08/18/security-nation-daniel-crowley/New research from James about browser-powered desync attacks:https://portswigger.net/research/browser-powered-desync-attacksRapid Rundown links
Semi-secret Fortinet advisory: https://twitter.com/Gi7w0rm/status/1578398457227878407CVE Details as they come: https://www.rapid7.com/blog/post/2022/10/07/cve ..Support the originator by clicking the read the rest link below.