PHP Internals: Exploit Dev Edition

Presented at Kiwicon X: The Truth is In Here (2016), Nov. 17, 2016, 5 p.m. (45 minutes).

This talk will give a tour about PHP Internals. It'll take the audience on a journey from the design behind a custom PHP fuzzer, to how PHP internal heap can be exploited. It will also cover some of the changes in PHP 7 Internals and what that means from an exploit dev perspective. A sample of interesting and unusual PHP bugs that I had discovered will also be presented. I hope to be able to share what had worked for me and what are some of the lessons I've learnt throughout this journey.

Presenters:

• Emmanuel Law
  Emmanuel Law (@libnex) is a Principal Security Consultant from Aura Information Security. He works as a penetration tester during the day. By night he can be found fuzzing and exploiting binaries. Recently he has a new found hobby in hacking away at PHP internals.

Links:

• https://2016.kiwicon.org/the-con/talks/#e258

Similar Presentations:

• Black Hat USA 2010 / Utilizing Code Reuse/Return Oriented Programming in PHP Web Application Exploits
• TROOPERS17 (2017) / PHP Internals: Exploit Dev Edition
• DerbyCon 2.0 Reunion (2012) / PHP Website Security, Attack Analysis, & Mitigations