Extract: A PHP Foot-Gun Case Study (god2025)

Chaos Computer Club - recent events feed (low quality)

محتوای ارائه شده توسط CCC media team. تمام محتوای پادکست شامل قسمت‌ها، گرافیک‌ها و توضیحات پادکست مستقیماً توسط CCC media team یا شریک پلتفرم پادکست آن‌ها آپلود و ارائه می‌شوند. اگر فکر می‌کنید شخصی بدون اجازه شما از اثر دارای حق نسخه‌برداری شما استفاده می‌کند، می‌توانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal

4d ago 24:37

MP4•خانه قسمت

Do you always read the documentation before using a function in your languages' standard library? This talk explores the attack surface of a special feature in PHP which is easy to misuse with unforseen consequences. The `extract` function allows to replace the value of local variables named after the keys in an array. Calling it with user-controlled input allows the attacker to change arbitrary variables in the program. The documentation warns against the dangers of using it with untrusted data, but our large-scale analysis on 28.325 PHP projects from GitHub shows, that this warning is ignored. The talk walks through the process of identifing `extract`-based vulnerabilities and how they might have ended up the way they are by looking at the surrounding code. After introducing different levels of attacker-control guided by concrete exploits, listeners gain an intuition on what to look out for while reviewing code. Attending this talk, the audience will learn: Rich ways users have control over input in PHP. How to exploit insecure calls to `extract` given multiple real-world case-studies from the dataset of open source projects from GitHub. Tips on how to avoid this and similar threats in new and legacy code. Possible changes to PHP itself for risk reduction. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

1723 قسمت

#Technologie #CCC media team #Ccc Congress Hacking Security Netzpolitik #Video