Scanning for Padding Oracles
https://web-in-security.blogspot.com/2019/03/scanning-for-padding-oracles.html [web-in-security.blogspot.com]
2019-03-30 01:59
As you might have heard, we recently got our paper on padding oracle attacks accepted to the USENIX Security Conference. In this paper, we describe and evaluate a scanning methodology with which we found several padding oracle vulnerabilities in devices from various vendors. In total, we found that 1.83% of the Alexa Top 1 Million have padding oracle vulnerabilities.
source: green