At yesterday’s RSS09 conference I gave a slightly different version of my “Shocking News in PHP Exploitation” talk.
This time I disclosed for the first time how unserializing user input in Zend Framework based applications can result in direct remote PHP code execution.
The topics of my talk were:
- easy ways to bypass ModSecurity and F5 BIG-IP
- executing PHP code on Zend Framework based applications that unserialize user input
- how to still exploit PHP interruption...