This year I will return to Power of Community in Seoul and present a session about state-of-the-art exploitation of PHP applications and servers. Unlike my Syscan and Blackhat talk, I will also demonstrate how to find unusual code execution vulnerabilities and how to tunnel attacks through web application firewalls.
Session: Shocking News in PHP Exploitation
Remote code execution vulnerabilities in modern PHP applications have become more difficult to find and exploit due to better education of developers and the wide adoption of Suhosin, web application firewalls and other PHP environment hardening. For example, the class of remote file inclusion vulnerabilities is practically dead in modern PHP installations.
This talk will demonstrate how a well-known class of PHP application vulnerabilities that is widely believed to be a DoS vulnerability only can result in arbitrary PHP code being executed. Furthermore, it will be demonstrated how attacks on PHP applications can be tunneled through web application firewalls like mod_security with ease, bypassing the whole rule engine. And last but not least, we will take a look at the recently introduced protections against interruption vulnerabilities in PHP and how it is still possible to perform post-exploitation tricks as presented at Syscan and Blackhat.
See you in Seoul between 5th and 6th November.
See you in Seoul from November 5th to 6th!