Sven Morgenroth, Netsparker - Paul's Security Weekly #584
Paul's Security Weekly (Video) · Security Weekly Productions
Audio is streamed directly from the publisher (dts.podtrac.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Sven will talk about PHP Object injection vulnerabilities and explain the dangers of PHP's unserialize function. He will show the format of serialized PHP Objects, explain PHP's magic methods and how to write an exploit for a PHP Object Injection vulnerability during his technical demo.
Full Show Notes: https://wiki.securityweekly.com/Episode584
To learn more about Netsparker, go to: https://www.netsparker.com/securityweekly
Follow us on Twitter: https://www.twitter.com/securityweekly