Description: Server Web Controls are common components in modern platforms that speed up development and enable content reuse.
Since events of server controls implement additional application features, they might be protected via privilege validation, comments or properties that disable or render them invisible.
However, since Invisibility, by definition, is in the eyes of the beholder, an invisible object can still be visible to instruments designed to locate it.
By abusing the event activation mechanism of server controls, it's possible to enumerate and execute dormant events, in-spite of most security measures - all using a refined methodology and a new designated tool.
For More Information please visit : - http://www.blackhat.com/eu-13/briefings.html
Tags: securitytube , hacking , hackers , information security , convention , computer security , blackhat-eu-2013 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.