Effective Denial of Service attacks against web application platforms

We are the 99% (CPU usage)

Alexander ‘alech’ Klink and Julian | zeri

Embed into your website

Share with others


This talk will show how a common flaw in the implementation of most of the popular web programming languages and platforms (including PHP, ASP.NET, Java, etc.) can be (ab)used to force web application servers to use 99% of CPU for several minutes to hours for a single HTTP request. This attack is mostly independent of the underlying web application and just relies on a common fact of how web application servers typically work.