0.0.0.0 Day: Exploiting Localhost APIs From The Browser
Gal Elbaz
BSidesSF 2025 — Here Be Dragons · Day 1 · Main
The IP address `0.0.0.0` is an 18-year-old bug hiding in plain sight — a single address that bypasses every browser-based private network protection ever built. Gal Elbaz, co-founder and CTO of Oligo Security, reveals how this quirk enabled a real, year-long attack campaign against AI infrastructure and how a single HTTP request from a malicious website can compromise any application running on a developer's local machine.
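As an added defensive illustration (not code from the talk or from Oligo Security), this request filter for a local API server treats `0.0.0.0` as loopback, so a Host allowlist does not leave the gap the abstract describes, and it rejects cross-site browser requests using the `Sec-Fetch-Site` and `Origin` headers; the header values and `evil.example` are constructed.

```python
import ipaddress
from urllib.parse import urlsplit

# Host values that reach the local machine. 0.0.0.0 is listed deliberately:
# the OS routes it to loopback, while browsers have not treated it as a
# private address, so an allowlist that omits it has a hole.
LOCAL_HOSTS = {"localhost", "127.0.0.1", "0.0.0.0", "[::1]", "::1"}


def _hostname(host_header: str) -> str:
    # Strip a :port suffix; keep a bracketed IPv6 literal intact.
    host = host_header.strip().lower()
    if host.startswith("["):
        return host.split("]")[0] + "]"
    return host.rsplit(":", 1)[0] if host.count(":") == 1 else host


def is_local_host(host_header: str) -> bool:
    """True if the Host header names this machine (loopback or unspecified)."""
    name = _hostname(host_header)
    if name in LOCAL_HOSTS:
        return True
    try:
        ip = ipaddress.ip_address(name.strip("[]"))
    except ValueError:
        return False  # a DNS name we do not serve (e.g. a rebinding domain)
    return ip.is_loopback or ip.is_unspecified


def allow_request(headers: dict, trusted_origins: tuple = ()) -> bool:
    """Decide whether a local-only API should serve this request.

    1. The Host header must name the local machine (blocks DNS rebinding).
    2. A browser-issued cross-site request is refused: modern browsers send
       Sec-Fetch-Site, and cross-origin fetches carry Origin; either must be
       local or explicitly trusted.  Requests with neither header (curl, an SDK)
       are served, since the web-page-to-localhost vector needs a browser.
    """
    if not is_local_host(headers.get("Host", "")):
        return False
    if headers.get("Sec-Fetch-Site", "").lower() == "cross-site":
        return False
    origin = headers.get("Origin") or headers.get("Referer")
    if origin is None:
        return True
    if origin in trusted_origins:
        return True
    netloc = urlsplit(origin).netloc
    return netloc != "" and is_local_host(netloc)
```

A server would call `allow_request` before routing and answer 403 on `False`; the Host check matters even for non-browser clients because rebinding attacks also arrive with a non-local Host.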
AI review
An 18-year-old unfixed bug, 81 gigabytes of exfiltrated AI infrastructure data from an open directory listing, 62 OpenAI tokens, working crypto miners, and the first documented real-world attack on AI production workloads — all from a single IP address change. Elbaz brought receipts, and the Shadow Ray campaign receipts are extraordinary.