PHP Internals: Exploit Dev Edition

Presented at TROOPERS17 (2017), March 23, 2017, 11:30 a.m. (Unknown duration)

This talk will give a tour of PHP Internals. It'll take the audience on a journey from the design behind a custom PHP fuzzer to the internals of PHP's Zend Engine. I'll talk about PHP 7's new memory manager and how its heap can be exploited. It will also cover some of the changes in PHP 7 Internals and what they mean from an exploit dev perspective. A sample of interesting and unusual PHP bugs that I have discovered will also be presented.


Presenters:

  • Emmanuel Law
    Emmanuel Law (@libnex) is a Principal Security Consultant at Aura Information Security. He works as a penetration tester during the day. By night he can be found fuzzing and exploiting binaries. Recently he has taken up a newfound hobby of hacking away at PHP internals. He has presented at conferences such as Ruxcon, Kiwicon, OWASP NZ and others.
