Exploiting PHP7 unserialize (33c3)
- Title:
- Exploiting PHP7 unserialize (33c3)
- Description:
-
more » « less
https://media.ccc.de/v/33c3-7858-exploiting_php7_unserialize
teaching a new dog old tricks
PHP-7 is a new version of the most prevalent server-side language in use today. Like previous version, this version is also vulnerable to memory corruptions.
However, the language has gone through extensive changes and none of previous exploitation techniques are relevant.
In this talk, we explore the new memory internals of the language from exploiters and vulnerability researchers point of view. We will explain newly found vulnerabilities in the 'unserialize' mechanism of the language and present re-usable primitives for remote exploitation of these vulnerabilities.['Yannay Livneh']
- Video Language:
- English
- Duration:
- 44:02
|
Oat CubeTester edited Finnish subtitles for Exploiting PHP7 unserialize (33c3) | |
|
|
Oat CubeTester edited Finnish subtitles for Exploiting PHP7 unserialize (33c3) | |
|
|
Oat CubeTester edited Finnish subtitles for Exploiting PHP7 unserialize (33c3) | |
|
|
Oat CubeTester edited Finnish subtitles for Exploiting PHP7 unserialize (33c3) | |
|
C3Subtitles edited English subtitles for Exploiting PHP7 unserialize (33c3) | |
|
Solvent edited English subtitles for Exploiting PHP7 unserialize (33c3) | |
|
|
Solvent edited English subtitles for Exploiting PHP7 unserialize (33c3) | |
|
|
Solvent edited English subtitles for Exploiting PHP7 unserialize (33c3) |
http://www.youtube.com/watch?v=_Zj0B4D4TYc
Format: Youtube
Primary
Original
Added
by C3Subtitles
Format: Youtube
Primary
Original
http://www.youtube.com/watch?v=LDQVcN5gXRY
Format: Youtube
Added
by C3Subtitles
Format: Youtube