Reviewing Practical PHP Exploitation Techniques

Fri, 04 Apr 2008 10:22:20 GMT

The OWASP London Chapter last night (03/Apr/08) was excellent. Thanks to everyone involved for a top night!

  • For those who didn't attend, Rodrigo Marcos discussed his research on hacking PHP sockets for fun and profit. I found the concept very interesting. He discussed hacking PHP sockets; however, the techniques he discussed could be used as an application reverse proxy, although scalability and stability could be a problem.
  • David Kierznowski (myself) gave a talk on practical PHP exploitation techniques using real-world examples. I think we scared some of the guys from a certain university who recognised real-world vulnerable code in their own applications :)
  • Colin Watson opened a can of worms in his discussion of security badges (Hacker Safe, Hacker proof, etc.). We had a good discussion on this!

I have uploaded my presentation to my site. I spent a lot of time trying to get good screenshots, so I hope it makes it easy to follow for those who couldn't attend.

