[Canvas] Advanced PHP Exploitation Madness!!!

Immunity Administrator admin at immunityinc.com
Wed Jun 18 17:21:58 EDT 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello!

PHP exploitation looks simple, but web applications are full of complex
arcane mysticisms. If your life goal, like mine, is to be able to "hack
anything, anywhere, at any time" then you will want professional PHP
exploitation engineers to walk you through the various animal sacrifices
necessary to make your exploits give you shells.

That's right, for those of you that were in our Web Hacking Course at
Infiltrate this year, you are well aware of the need for a stand alone
class for all of your PHP needs. From identifying and tracing PHP data
input paths, to the complex, but ever reliable, object injection
serialization, this class will cover it all.

Now, we have decided to hold this exceptionally informative training
session near it all (for some values of "all") at /training/etc in
Columbia, MD. The class will run from July 24th-25th 2014. If you want
to register, all you have to do is reach out to us here at Team Admin,
and we will walk you through the process (unlike converting an arbitrary
local file include into remote code execution, it isn't really all that
difficult). The price for this mind blowing course is $2000.00USD and is
a bargain considering the sheer volume of material that will be chiseled
into your already magnificent minds.

As Immunity's very own fearless leader, Dave, stated "PHP is important
because even though people make fun of it, it is omnipresent, and the
path into any hard target is going to go through a broken web
application written in PHP on a watering hole website of some kind." So,
don't miss out, don't wait, this class is around the corner and seats
are extremely limited.

As always, please feel free to reach out with any questions or concerns.

Cheers!

Day 1:
Intro/Background
Identifying and tracing PHP data input paths (sounds simple - it is not)
Understanding PHP variable parsing (filters, for example, make you want
to tear your hair out)

Day 2:
Core
(ab)using SQL Injection for remote code execution
Regular expression remote code execution
Anonymous (lambda) function remote code execution
Understanding and exploiting arbitrary file reads
Understanding and exploiting object injection

- -- 
Jorge Sanchez
Immunity Inc.
1130 Washington Avenue
8th Floor
Miami Beach, FL 33139
T. 786-220-0600
F. 786-513-8100
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlOiAvYACgkQysNn3QyB3VGVHgCgnMEy77ARSVmeEq5hUHuzQkWr
A9cAn1wuoJPa2WmVEx+sVlWMPfcOgmrt
=+jZ/
-----END PGP SIGNATURE-----



More information about the Canvas mailing list