Black Hat 2018

Pierluigi Paganini August 17, 2018
Black Hat 2018 – Expert demonstrated a new PHP code execution attack

The security researcher Sam Thomas from Secarma, has discovered a new attack technique that leverages critical deserialization vulnerabilities in PHP programming language. The flaws potentially expose web applications written in the popular language to cyber attacks, including websites running CMSs like WordPress and Typo3. The expert discovered that an attacker can use low-risk functions against Phar archives to trigger […]