Shocking News In Php Exploitation

On 5th of November I gave a talk titled “Shocking News in PHP Exploitation” at the Powerofcommunity hacking/security conference in Seoul, South Korea. Afterwards I uploaded my slides to this server but only distributed the link through twitter. I totally forgot about announcing the slides in my blog.

The topics of my talk were

  • easy ways to bypass modsecurity and f5 big ip asm
  • exploiting unserialize vulnerabilities in Zend Framework applications
  • exploiting PHP interruption vulnerabilities after recent fixes in PHP

The slides are available here.