We'll be discussing how a couple of low severity issues were combined to craft a sophisticated attack that allows remote attackers to change bookmyshow customer account details remotely.
Also an insight on how programmers/developers tend to ignore applying secure coding practises throughout the application design.
There'll be a demonstration of a custom exploit that was written in python exclusively for bookmyshow. It enables even a noob to carry out the attack with a single key press.
Currently working with Payatu Software Labs LLP as a Security Consultant
Starts at Saturday July 29 2017, 01:15 PM. The sessions runs for about 1 hour.