Breaking and abusing specifications and policies – Let’s Encrypt, cloud storage vulns and verification bypasses

Last year at Secfest, Frans Rosén talked about DNS hijacking using cloud services. This time, he approaches technologies where verification methods actually exists and how to break them. Let’s Encrypt closed down one of their three blessed verification methods due to a bug Frans found in January. Cloud storage containers already patched from being publicly exposed are still often vulnerable to full modification, extraction and deletion by abusing weak policies and application logic. Frans goes through some weak design patterns, policy structures and explains how to bypass them which have netted him over $45,000 in bug bounties.

Presented at Security Fest 2018.

Speaker: Frans Rosén

About Frans Rosén

Frans Rosén

Frans Rosén is a tech entrepreneur, bug bounty hunter and a Knowledge Advisor at Detectify, a security service for developers. He's a frequent blogger at Detectify Labs and a top ranked participant of bug bounty programs, receiving the highest bounty payout ever on HackerOne.

Get all relevant information and news regarding Security Fest, when we release recordings of talks, etc.