BlackHat was one amazing ride. Over 5,000 people attended, a conference record. I got to see a ton of friends and colleagues and was fortunate enough to meet many new and interesting people. Of course a big highlight for me was my presentation, in which roughly 800 - 1,000 people showed up. A great turn out considering the talk was up against really solid and well-known presenters like Haroon Meer, Moxie Marlinspike, Christofer Hoff, and Ivan Ristic. Aside from some projector glitches and a failed cookie eviction demo everything went smoothly. From feedback in the hallway much of the audiences pin-drop silence was due to shock given how ridiculously simple yet effective these hacks were. :)
My complete “Breaking Browsers: Hacking Auto-Complete” slide deck is available. I’ve put up a series of blog posts describing each of the distinct Web hacking techniques complete with proof-of-concept code, screen shots, videos, and technical explanations. Enjoy!
Other closely related Auto-Complete / AutoFill bugs: