BSides Algiers - PHP Static Code Analysis - Abdeldjalil Belakhdar

Published in: Technology

  1. PHP Static Code Analysis - Belakhdar Abdeldjalil
  2. Show the code
       • Simple PHP script
       • Few pages
       • Few lines of code
  3. Find the bug: try to find it manually?
  4. Are there better ways to do it?
  5. Find the bug: how about grep?
  6. Are there better ways to do it?
  7. Find the bug: how about the PHP tokenizer?
  8. Find the bug: RIPS is in the party
  9. Find the bug: RIPS and taint analysis
  10. Find the bug: the PHP tokenizer in action with RIPS
  11. Demo: try RIPS on RIPS
  12. Demo: try RIPS on WordPress plugins
  13. Demo: try RIPS on a Yii app
  14. Demo: RIPS is not the miracle answer
  15. In the end
       • The PHP tokenizer is a big help
       • RIPS makes it easier
       • Not the best way for object-oriented (MVC) projects
  16. Thanks
  17. Questions now? Or later by email: riemann@opendz.org
