Sven Morgenroth, Netsparker

Sven will talk about PHP Object injection vulnerabilities and explain the dangers of PHP's unserialize function. He will show the format of serialized PHP Objects, explain PHP's magic methods and how to write an exploit for a PHP Object Injection vulnerability during his technical demo.

Full Show Notes: https://wiki.securityweekly.com/Episode584

To learn more about Netsparker, go to: https://www.netsparker.com/securityweekly

Full episode and show notes

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Carlos Perez
Carlos Perez
Principal Consultant, Team Lead for Research at TrustedSec
Jeff Man
Jeff Man
Information Security Evangelist at Online Business Systems
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Not Kevin
Not Kevin
Senior Sales Engineer at Barkly
prestitial ad