Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: [cansecwest] Advanced PHP Hacking
From: "laurent.oudot () tehtri-security com" <laurent.oudot () tehtri-security com>
Date: Sun, 07 Mar 2010 20:01:13 +0100

Dear all,

Related to this "Advanced PHP Hacking" training during next Cansecwest (
http://cansecwest.com ), some people asked if I were about to release
the "PHP fuzzing tools" described on my web site with 0-days / exploits
/ advisories for the Apple iPhone product.

Those "PHP fuzzing tools" allowed TEHTRI-Security to find
vulnerabilities on the latest Apple iPhone firmware (
http://www.tehtri-security.com/en/news.php?filter=TECH ).

In agreement with Apple, who are working on solutions for their
customers, we might not publicly disclose those vulnerabilities, due to
legal and ethical issues.

However, during this "Advanced PHP Hacking" CanSecWest training (22 or
23 march), I will cover how to create your own tools for playing /
fuzzing / hacking with clients (like what we did when we found vulns for
Safari & Mail app under the latest iPhone) :



Laurent OUDOT
 Founder & CEO of TEHTRI-Security


I'd like to announce a Security Master's Dojo course during next
CanSecWest 2010 in Vancouver (March 22-26 2010).

Title: Advanced PHP Hacking (!)

PHP is a worldwide web language used by individuals as well as companies
(Facebook...). This session aims at providing a hands-on focused PHP
Hacking experience. After this course, you will really know how
attackers work and move through PHP hax0ring so that they can jump
deeper down to your networks.

This training will end with a final amazing exercise through a step by
step live hacking simulation. It will help students at coming back to
offensive and defensive hands-on exercises seen during the whole day,
thanks to this complete information warfare operation.

For further information, just check :

Register as soon as possible (!) and join us at Cansecwest 2010

See you soon in Vancouver :)

Laurent OUDOT
 Founder & CEO of TEHTRI-Security


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]