Advisory 03/2009: Piwik Cookie unserialize() Vulnerability
Wednesday, December 9th, 2009I released an important advisory about a remotely exploitable unserialize() vulnerability in Piwik today. SektionEins GmbH ...
Archive for the ‘Security’ Category
I released an important advisory about a remotely exploitable unserialize() vulnerability in Piwik today. SektionEins GmbH ...
SektionEins PHP Security Poster
Saturday, November 28th, 2009My company SektionEins that is specialised in web application security audits, consulting and trainings has finished the english translation of the PHP Security Poster. This poster is send out for free to interested PHP programmers (until out of stock). The poster is of DIN A0 size and details the most ...
RSS09: Web Application Firewall Bypasses and PHP Exploits
Saturday, November 28th, 2009At yesterday's RSS09 conference I gave a slightly different version of my "Shocking News in PHP Exploitation" talk. This time I disclosed for the first time how unserializing user input in Zend Framework based applications can result in direct remote PHP code execution. The topics of my talk were easy ways to ...
Shocking News in PHP Exploitation
Saturday, November 28th, 2009On 5th of November I gave a talk titled "Shocking News in PHP Exploitation" at the Powerofcommunity hacking/security conference in Seoul, South Korea. Afterwards I uploaded my slides to this server but only distributed the link through twitter. I totally forgot about announcing the slides in my blog. The topics of ...
CGNSec October 2009
Wednesday, October 7th, 2009I am pleased to announce that Thursday 22th of October 2009 at 19:30 there will be the 10th CGNSec meetup in Cologne/Germany. The meeting takes place at Hallmackenreuther, Brüsseler Platz 9, 50674 Köln (Google Maps). Everyone working in the field of information security is invited to attend. If you are attending ...
Speaking at POC 2009
Thursday, September 24th, 2009This year I will return to Power of Community in Seoul and present a session about state of the art exploitation of PHP applications and servers. Unlike my Syscan and Blackhat talk I will also demonstrate how to find unusual code execution vulnerabilities and how to tunnel attacks through web ...
CGNSec September 2009
Monday, September 21st, 2009I just wanted to announce that this wednesday (23th of September 2009) at 19:30 there will be the next CGNSec meetup in Cologne/Germany. The meeting takes place at Hallmackenreuther, Brüsseler Platz 9, 50674 Köln (Google Maps). Everyone working in the field of information security is invited to attend. If you are ...
Suhosin Patch 0.9.8 for PHP 5.3.0 *BETA* - Please Test
Thursday, August 13th, 2009It has been several weeks between the release of PHP 5.3.0 and now and I haven't released a stable Suhosin Patch for PHP 5.3.0 yet. The reason for this was that I was away from my development machine with a half ready new generation of Suhosin Patch waiting to be ...
State of the Art Post Exploitation in Hardened PHP Environments
Wednesday, August 12th, 2009I am finally back in germany after several weeks in foreign countries like singapore, taiwan and the USA. In all three countries I gave a presentation titled "State of the Art Post Exploitation in Hardened PHP Environments" that discusses a certain flaw in the design of the Zend Engine that ...
Dutch PHP Conference: The Slides
Tuesday, June 16th, 2009At this years Dutch PHP Conference I presented a PHP Security Crash Course for beginners and a session about secure programming with the Zend Framework. You can download all the slides from here. PHP Security Crash Course for beginners Part I - Introduction Part II - XSS Part III -CSRF Part IV - SQL Security Part ...