Gotta Cache ‘em all: bending the rules of web cache exploitation
Martin Doyhenard
DEF CON 32 Main Stage · Day 1 · Main Stage
In this DEF CON 32 presentation, "Gotta Cache ‘em all: bending the rules of web cache exploitation," Martin Doyhenard delves into novel techniques for exploiting web cache vulnerabilities, moving beyond traditional methods to achieve arbitrary web cache deception and poisoning. The talk focuses on how discrepancies in **URL parsing** between **web cache proxies** (such as CDNs like Cloudflare, CloudFront, and Akamai) and **origin servers** can be leveraged to manipulate cached content. Doyhenard demonstrates how attackers can exploit these subtle differences to steal sensitive user information, poison widely accessed resources, and even achieve full website replacement.
AI review
This presentation by Martin Doyhenard isn't just another cache talk; it's a deep dive into the fundamental inconsistencies in URL parsing across the modern web stack. By meticulously dissecting how CDNs and origin servers interpret RFCs differently, Doyhenard unveils novel techniques for arbitrary web cache deception and poisoning. This isn't about finding a niche misconfiguration; it's about exploiting architectural seams that bypass established defenses, making it a critical piece of research for anyone building or defending web infrastructure.