Presented at
DEF CON 27 (2019),
Aug. 10, 2019, 4:30 p.m.
(20 minutes).
Apache Solr is a search platform used by many enterprise companies to add a full text search functionality to their websites. Often hidden behind firewalls, it provides a rich API to search across large datasets. If this API is used by web applications in a wrong way, it may open a possibility for injection attacks to completely modify the query logic.
In this talk we'll shed some light on the new type of vulnerabilities for web applications - Solr parameter injection, and provide some useful ways how to achieve remote code execution through it. We also provide exploits for almost all known vulnerabilities for Apache Solr, including the two new RCEs we reported this year.
Presenters:
-
Michael Stepankin
- Security Researcher at Veracode
Michael Stepankin is a Security Researcher at Veracode. He works on bringing new detection features to Veracode's dynamic and static scanner engines. As a passionate hacker, he loves to hack enterprise java applications by day and write beautiful JavaScript code by night. Listed in Halls of Fame of various bug bounty programs, Michael has also worked as a penetration tester for many years.
Twitter: @artsploit
Links:
Similar Presentations: