PHP is awesome.

[Dave Aitel <dave () immunityinc com>]

There are parts of PHP we all know very well, which are obviously bad.
preg_replace, for example, has an option to execute code that you pass
into it. This is obviously terrible design. Only an evil alien would
have designed that feature into a language that way.

But there are other, more subtle features. The weird way they handle
"filters" is diabolical. Exactly how you use this to take control of a
PHP app means that the attack surface is in a way somewhat
counterintuitive to a normal C/C++ auditor. That's why, even if you are
a GOOD auditor you should still take our PHP auditing class July 24th
and 25th in Columbia MD. It is not just about tracking input to bad
functions. That part is given. It's about understanding the insane
transforms that are possible in PHP - it is like you are playing Portal,
but with data input that eventually will get your remote code execution.
In any case, email admin () immunityinc com to sign up. It is worth FLYING
TO COLUMBIA MD for! :>

And, in case you were one of the people to miss out on INFILTRATE
altogether, I want to highlight another released video of a talk. Sue's
talk was spectacular I thought, and now everyone can see it!

http://vimeo.com/98215525

(Note: You can also email admin () immunityinc com to sign up for next
year's INFILTRATE. :>)

-dave

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave