Poodle (Padding Oracle On Downgraded Legacy Encryption) Vulnerability
In this talk we will see how an attacker can ensue a protocol downgrade and leverage a cryptographic weakness in SSL 3.0 to retrieve session cookie. We shall cover CBC and the "math" required to successfully decipher session cookie. In addition we will glance over the mitigation.
Follow the link in the presentation to reach to the PoC.
Starts at Saturday March 18 2017, 09:30 AM. The sessions runs for about 1 hour.