Filter by tag: php object injection

CTF Writeup: Complex Drupal POP Chain

18 min read 29 Jan 2019 by Simon Scannell
A recent Capture-The-Flag tournament hosted by Insomni’hack challenged participants to craft an attack payload for Drupal 7. This blog post will demonstrate our solution for a PHP Object Injection with a complex POP gadget chain.

phpBB 3.2.3: Phar Deserialization to RCE

13 min read 20 Nov 2018 by Simon Scannell
A new PHP exploit technique affects the most famous forum software phpBB3. The vulnerability allows attackers who gain access to an administrator account to execute arbitrary PHP code and to take over the entire board (CVE-2018-19274).

What is PHP Object Injection

11 min read 9 Oct 2018 by Simon Scannell
A very common and critical vulnerability in PHP applications is PHP Object Injection. This blog post explains how they work and how they can lead to a full site takeover by remote attackers.

What is Phar Deserialization

9 min read 14 Aug 2018 by Johannes Dahse
Last week a new exploitation technique for PHP applications was announced at the BlackHat USA conference. Find out everything you need to know in this blog post.

A Salesmans Code Execution: PrestaShop 1.7.2.4

9 min read 7 May 2018 by Robin Peraglie
PrestaShop is one of the most popular e-commerce solutions. Our leading security analysis solution RIPS detected a highly critical vulnerability that allows to execute arbitrary code on any installation with version <= 1.7.2.4. In this technical blog post we present the vulnerability and the exploitation technique that could have been misused by attackers (CVE-2018-20717).