This video is an explanation of prototype pollution vulnerability in kibana that, in a super cool and very creative way, was used to achieve remote code execution in kibana software.
Blogpost:
https://research.securitum.com/prototype-pollution-rce-kibana-cve-2019-7609/
Researcher’s twitter:
https://twitter.com/SecurityMB
Follow me on twitter:
https://twitter.com/gregxsunday
Timestamps:
00:00 Intro
00:34 Prototype pollution
02:27 Vulnerability discovery
04:14 Exploitation
#rce #protoPollution
Add comment