Arpad Ray's PHPNW08 slides:
Looking at websites from the perspective of potential attackers is a useful technique not only for security professionals.
This talk demonstrates how to use simple PHP scripts to exploit many common security holes in PHP applications, hopefully giving developers a deeper understanding of what it is they are protecting against.
* Getting around common precautions against SQL injection
* Free spam with SMTP injection
* Making a malicious website to exploit PHP sessions
* The holes every attacker hopes for
* Making use of a newly exploited website
Topic: Art of Web Backdoor
Speaker: Pichaya Morimoto
Event: 2600 Thailand Meeting #5
Date: September 6, 2013
Video: https://www.youtube.com/watch?v=QIXTPPBfLyI
Arpad Ray's PHPNW08 slides:
Looking at websites from the perspective of potential attackers is a useful technique not only for security professionals.
This talk demonstrates how to use simple PHP scripts to exploit many common security holes in PHP applications, hopefully giving developers a deeper understanding of what it is they are protecting against.
* Getting around common precautions against SQL injection
* Free spam with SMTP injection
* Making a malicious website to exploit PHP sessions
* The holes every attacker hopes for
* Making use of a newly exploited website
Topic: Art of Web Backdoor
Speaker: Pichaya Morimoto
Event: 2600 Thailand Meeting #5
Date: September 6, 2013
Video: https://www.youtube.com/watch?v=QIXTPPBfLyI