Code Obfuscation, PHP Shells & More: What hackers do once they get passed your code

Mattias Geniar (24.Jan.2014 at 14:40, 1 hr )
Talk at PHPBenelux Conference 2014 (English - US)

Rating: 4 of 5

Code Obfuscation, PHP Shells & More: What hackers do once they get passed your code

Who are you?

Claim talk

Talk claims have been moved to the new Joind.in site.

Please login to the new site to claim your talk

 
Comments closed.

Comments

Rating: 4 of 5

24.Jan.2014 at 17:21 by Lucas Aerbeydt (56 comments) via api

Decent overview of file upload vulnerabilities and how they can be prevented. Maybe a bit too much time was spent on the obfuscation (since it was mainly the same technique explained multiple times)

Rating: 4 of 5

25.Jan.2014 at 00:54 by Ike Devolder (191 comments) via api

interesting,but indeed as stated in the previous comment, a lot of the same

Rating: 5 of 5

25.Jan.2014 at 08:05 by Anonymous

Great talk, rich in info and lively

Rating: 4 of 5

25.Jan.2014 at 09:59 by Jurian Sluiman (21 comments)

Got some good information during the talk. The concepts were told repeatedly, which could be improved to make the talk more interesting.

Another improvement could be the practical side of being hacked. With such amount of expertise, why not demo the steps how to find the malicious files and cleanup the application/server?

Rating: 3 of 5

25.Jan.2014 at 10:34 by Tim de Pater (52 comments)

Good talk! Gave a good idea on how most hacks are done.
I was missing some references to OWASP and a overview of other ways you could get hacked

Rating: 4 of 5

25.Jan.2014 at 12:00 by Petra Dreiskamper (90 comments)

Nice set of examples of real life hacks. There are some good lessons to learn with nice pointers on how to clean up after a hack.

Rating: 4 of 5

25.Jan.2014 at 14:48 by Nick (15 comments)

Great talk, one of the few I stayed awake in. There were quite a few good tips on how to clean up after or going about finding the hack.

Rating: 4 of 5

25.Jan.2014 at 20:51 by Johan van der Graaff (10 comments)

Nice talk. Despite it being a beginner level session, it was quite informative. Personally I would've liked a bit more depth in the recognition part.

Rating: 4 of 5

26.Jan.2014 at 11:59 by Thomas Crepain (29 comments)

A good talk, it made me think about the security of our applications. It was a bit much on the file upload vulnerabilities, there aren't other ways to break in?

I would love to hear more on how to recover from attacks as the ones described. Stuff for a workshop next time?

Rating: 4 of 5

26.Jan.2014 at 22:05 by Mike Simonson (64 comments)

Interesting but a bit too much repetitions.

Rating: 4 of 5

27.Jan.2014 at 09:45 by Ayame__ (6 comments)

Could not attend due to attending another session occurring in parallel. Will you be uploading the slides?

Rating: 3 of 5

27.Jan.2014 at 11:15 by Patrick van Kouteren (110 comments)

I'm with Tim and Johan. I expected a talk from the perspective of a hacker. Perhaps an idea for the next time: the way hackers think, which common tricks they try, perhaps with some real-life references?

Rating: 4 of 5

28.Jan.2014 at 20:42 by Tom Bevers (54 comments)

Interesting talk, but as already mentioned too much repetition.

Rating: 4 of 5

28.Jan.2014 at 22:00 by Toon Verwerft (31 comments)

Very interesting subject with clear examples.
Maybe a live demo should be nice!

Rating: 3 of 5

29.Jan.2014 at 16:30 by Tom Van Herreweghe (77 comments)

Interesting to see some of the techniques used by attackers. I liked the techniques mentioned for cleaning up the mess.

© Joind.in 2019