CONFidence 2013: PHP Object Injection Revisited

28 May 2013, 18:00TalksRaz0r3 comments
, ,


3 comments:

  1. Kuzya, 29. May 2013, 9:23

    Вернусь с отдыха, подробно разберу всю презентацию! Спасибо!

     
  2. /fd, 29. May 2013, 19:28

    hi raz0r,
    I’ve seen your open_basedir bypass with soap wsdl cache, it’s amazing.
    However, it seems that the name of a cache file cannot be controlled.
    Is it really exploitable or did i miss something? Thanks

     
  3. Raz0r, 30. May 2013, 16:29

    Unfortunately you can control only the directory.

     

Write a comment: