Suspekt... » korea

Shocking News in PHP Exploitation

Stefan Esser — Sat, 28 Nov 2009 17:43:54 +0000

On 5th of November I gave a talk titled “Shocking News in PHP Exploitation” at the Powerofcommunity hacking/security conference in Seoul, South Korea. Afterwards I uploaded my slides to this server but only distributed the link through twitter. I totally forgot about announcing the slides in my blog.

The topics of my talk were

easy ways to bypass modsecurity and f5 big ip asm
exploiting unserialize vulnerabilities in Zend Framework applications
exploiting PHP interruption vulnerabilities after recent fixes in PHP

The slides are available here.

Speaking at POC 2009

Stefan Esser — Thu, 24 Sep 2009 20:45:16 +0000

This year I will return to Power of Community in Seoul and present a session about state of the art exploitation of PHP applications and servers. Unlike my Syscan and Blackhat talk I will also demonstrate how to find unusual code execution vulnerabilities and how to tunnel attacks through web application firewalls.

Session: Shocking News in PHP Exploitation

Remote code execution vulnerabilities in modern PHP applications have become more difficult to find and exploit due to better education of developers and the wide adoption of Suhosin, web application firewalls and other PHP environment hardening. E.g. the class of remote file inclusion vulnerabilities is practically dead in modern PHP installations.

This talk will demonstrate how a well known class of PHP application vulnerabilities that is widely believed to be a DoS vulnerability only, can result in arbitrary PHP code being executed. Furthermore it will be demonstrated how attacks on PHP applications can be tunneled through web application firewalls like mod_security with ease, bypassing the whole rule engine. And last but not least we will take a look at the recently introduced protections against interruption vulnerabilities in PHP and how it is still possible to perform post exploitation tricks as presented at Syscan and Blackhat.

See you in Seoul between 5th and 6th November.

서울에서 11월 5일에서 6일에 만나요!

Starbucks, WIFI, Internet and South Korea

Stefan Esser — Tue, 30 Sep 2008 02:17:44 +0000

When I came to Seoul, South Korea I had already heard about the high distribution of broadband internet access. Therefore I was not suprised at all that my hotel room had ethernet sockets that provided me with fast internet access. What suprised me however was the fact that it was for free. In Germany or the USA you usually pay atleast 10$ per day for a similiar connection.

On the other hand when I visited Starbucks I had to learn the hard way that without Microsoft Windows you are an outsider in South Korea. It is simply not possible to connect to the NETSPOT hotspots within Starbucks Korea without Microsoft Windows and without Internet Explorer. On the one hand their special connectivity software only exists for Windows and on the other hand the web login seems to require an activex module for credit card payment.

With this kind of limit in place I can now understand why devices like the IPOD Touch are far cheaper in South Korea than in Germany. You simply cannot use them

I think the guys behind NETSPOT should really consider redesigning their system to be compatible to non Microsoft systems, like osx or linux. After all it is not that hard to do credit card billing.

PS.1: Yes I know that the NETSPOT hotspots seem to let everything through on port 53 UDP which might allow VPN tunnels on port 53 but I am only speaking about legal access here.

PS.2: Beside that little annoyance I really love South Korea and plan to come back as often as possible