BadWPAD

by Maxim Goncharov Sept. 14, 2017 via www.blackhat.com submitted by belen_caty

WPAD (Web Proxy Auto Discovery) is a protocol that allows computers to automatically discover Web proxy configurations. It is primarily used in networks where clients are only allowed to communicate to the outside through a proxy. The WPAD protocol has been around for almost 20 years (RFC draft 1999-07-28), but has well-known risks to it that have been largely ignored by the security community. This session will present the results of several experiments highlighting the flaws inherent to this badly designed protocol (WPAD), and bring attention to the many ways in which they can be easily exploited. Our research expands on these known flaws and proves a surprisingly broad applicability of "badWPAD" for possible malicious use today by testing it in different environments.

https://www.blackhat.com/us-16/briefings.html#badwpad

Avatar
Steven Ulm 4 weeks, 1 day ago

I am wondering what are the reasons for which the security community ignored so bad the risks of the WPAD?

Reply