RSS09: Web Application Firewall Bypasses and PHP Exploits

At yesterday’s RSS09 conference I gave a slightly different version of my “Shocking News in PHP Exploitation” talk. This time I disclosed for the first time how unserializing user input in Zend Framework-based applications can result in direct remote PHP code execution.

The topics of my talk were:

  • easy ways to bypass ModSecurity and F5 BIG-IP
  • executing PHP code on Zend Framework-based applications that unserialize user input
  • how to still exploit PHP interruption vulnerabilities after recent fixes in PHP

You can grab my new slides here.