all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Attacking Language Server JSON RPC

Add to bookmarks
March 11, 2023, 5:06 p.m. | LiveOverflow

LiveOverflow www.youtube.com

While auditing a VSCode Extension + Language Server I noticed something interesting. This turned into the research question "can we attack the extension from the browser?". After a bit of preliminary research I decided to do it again on stream, and eventually made this video. This is how security research can look like.

What is a Server? https://www.youtube.com/watch?v=VXmvM2QtuMU
What is a Protocol? https://www.youtube.com/watch?v=d-zn-wv4Di8
GitLab 11.4.7 RCE https://www.youtube.com/watch?v=LrLJuyAdoAg

Live Stream: https://www.youtube.com/watch?v=jc7S6TtLK_c

My Font (advertisement): https://shop.liveoverflow.com/

Chapters:
00:00 - Why Security Research? …

attack auditing browser code extension json language question rce research rpc security security research server stream video vscode what is

Visit resource

More from www.youtube.com / LiveOverflow

Finding The .webp Vulnerability in 8s (Fuzzing with AFL++) 3 months, 1 week ago | www.youtube.com
afl cve cve-2023-4863 fuzzing +9
A Vulnerability to Hack The World - CVE-2023-4863 4 months, 2 weeks ago | www.youtube.com
0day actively exploited blastpass buffer +21
Reinventing Web Security 5 months, 2 weeks ago | www.youtube.com
access clear database down +13
The Circle of Unfixable Security Issues 6 months, 2 weeks ago | www.youtube.com
bounty bug bug bounty bugs +12
Binary Exploitation vs. Web Security 7 months ago | www.youtube.com
social support
Hacker Tweets Explained 7 months, 2 weeks ago | www.youtube.com
context explained hacker justin +6
Zenbleed (CVE-2023-20593) 8 months ago | www.youtube.com
amd amp asm assembly +18
The Discovery of Zenbleed ft. Tavis Ormandy 8 months, 2 weeks ago | www.youtube.com
bugs concept cpu cpus +16
Asking Android Developers About Security 9 months ago | www.youtube.com
android android developers android security asking +7

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Consultant Sécurité SI H/F Gouvernance - Risques - Conformité - Nantes

@ Hifield | Saint-Herblain, France
View on infosec-jobs.com

L2 Security - Senior Security Engineer

@ Paytm | Noida, Uttar Pradesh
View on infosec-jobs.com

GRC Integrity Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
View on infosec-jobs.com

Consultant Active Directory H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

Consultant PCI-DSS H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

Head of Security Operations

@ Canonical Ltd. | Home based - Americas, EMEA
View on infosec-jobs.com
View more jobs