This video is an explanation of prototype pollution vulnerability in kibana that, in a super cool and very creative way, was used to achieve remote code execution in kibana software.

Blogpost:
https://research.securitum.com/prototype-pollution-rce-kibana-cve-2019-7609/

Researcher’s twitter:
https://twitter.com/SecurityMB

Follow me on twitter:
https://twitter.com/gregxsunday

Timestamps:
00:00 Intro
00:34 Prototype pollution
02:27 Vulnerability discovery
04:14 Exploitation

#rce #protoPollution

Add comment

Your email address will not be published. Required fields are marked *