CONFidence 2013: PHP Object Injection Revisited
by
Tags:
Comments
3 responses to “CONFidence 2013: PHP Object Injection Revisited”
-
Вернусь с отдыха, подробно разберу всю презентацию! Спасибо!
-
hi raz0r,
I’ve seen your open_basedir bypass with soap wsdl cache, it’s amazing.
However, it seems that the name of a cache file cannot be controlled.
Is it really exploitable or did i miss something? Thanks -
Unfortunately you can control only the directory.
Leave a Reply