It's a PHP Unserialization Vulnerability Jim, but Not as We Know It

Presented at Black Hat USA 2018, Aug. 9, 2018, 5 p.m. (60 minutes)

Recent years have seen the emergence of PHP unserialization vulnerabilities as a viable route to remote code execution or other malicious outcomes. The presentation will start with a brief refresher on the issue as it has previously been understood, before introducing new research that shows how unserialization can be induced when other types of vulnerability occur, including some that would previously have been considered low impact.

The presentation will include demos of long-lived and previously unidentified RCE exploits against some of the most widely deployed open source PHP web applications and libraries.


Presenters:

  • Sam Thomas - Director of Research, Secarma Ltd
    Sam Thomas is the Director of Research at Secarma Ltd. Previously, he was an independent researcher (eshu.co.uk). His recent research focuses on code re-use attacks, both for mitigation bypass and within web-based applications.
