Ultimately, basing the value proposition of your site on user-generated and external content is a kind of variant on Russian Roulette, where in every turn the gun is pointed at your head, regardless of the number of players. You may win most of the time, but eventually a bullet is going to find its way into the chamber with your name on it.
Shawn Moyer and Nathan Hamiel spent some time last year looking at this problem as it related specifically to social networks, but that left a lot of the territory unexplored. This time around they’re talking about a previously unnoticed attack vector for lots and lots of web applications with user-generated content, and releasing a handy tool to exploit it. Bundled in are some thoughts on Web 2.0 attack surface, a few new exploitation techniques, and as in last year, a hefty helping of lulz, ridicule, and demos-of-shame at the expense of a few sites.
Presented in August 2009 at DEFCON 17 in Las Vegas.