Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

XMPP Stanza Smuggling or How I Hacked Zoom

Black Hat via YouTube

Start learning Write review
Scrimba Ad

Our career paths help you become job ready faster

Learn More → Corporate Finance Institute Ad

35% Off Finance Skills That Get You Hired - Code CFI35

Learn More →

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore a groundbreaking security vulnerability in XMPP-based applications through this 36-minute Black Hat conference talk. Delve into the concept of XMPP stanza smuggling, a novel attack vector targeting XMPP client software. Discover how subtle XML parsing quirks can be exploited to inject attacker-controlled XMPP control messages into victim clients, and understand why the XMPP protocol's design makes it particularly vulnerable to such attacks. Learn how this technique led to a zero-click remote code execution vulnerability in the Zoom client. Presented by Ivan Fratric, this talk provides valuable insights for security professionals, developers, and anyone interested in messaging protocol security.

Syllabus

XMPP Stanza Smuggling or How I Hacked Zoom

Taught by

Black Hat

Reviews

Start your review of XMPP Stanza Smuggling or How I Hacked Zoom

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.