OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: [Full-disclosure] [cansecwest] Advanced PHP Hacking

laurent.oudottehtri-security.com
Date: Sun Mar 07 2010 - 13:01:13 CST


Dear all,

Related to this "Advanced PHP Hacking" training during next Cansecwest (
http://cansecwest.com ), some people asked if I were about to release
the "PHP fuzzing tools" described on my web site with 0-days / exploits
/ advisories for the Apple iPhone product.

Those "PHP fuzzing tools" allowed TEHTRI-Security to find
vulnerabilities on the latest Apple iPhone firmware (
http://www.tehtri-security.com/en/news.php?filter=TECH ).

In agreement with Apple, who are working on solutions for their
customers, we might not publicly disclose those vulnerabilities, due to
legal and ethical issues.

However, during this "Advanced PHP Hacking" CanSecWest training (22 or
23 march), I will cover how to create your own tools for playing /
fuzzing / hacking with clients (like what we did when we found vulns for
Safari & Mail app under the latest iPhone) :

http://www.tehtri-security.com/en/trainings.php?t=cansecwest-2010

Regards.

--
Laurent OUDOT
 Founder & CEO of TEHTRI-Security
 http://www.tehtri-security.com

>
> Hi,
>
> I'd like to announce a Security Master's Dojo course during next
> CanSecWest 2010 in Vancouver (March 22-26 2010).
>
> Title: Advanced PHP Hacking (!)
>
> PHP is a worldwide web language used by individuals as well as companies
> (Facebook...). This session aims at providing a hands-on focused PHP
> Hacking experience. After this course, you will really know how
> attackers work and move through PHP hax0ring so that they can jump
> deeper down to your networks.
>
> *BONUS*
> This training will end with a final amazing exercise through a step by
> step live hacking simulation. It will help students at coming back to
> offensive and defensive hands-on exercises seen during the whole day,
> thanks to this complete information warfare operation.
>
> For further information, just check :
> http://www.tehtri-security.com/en/trainings.php?t=cansecwest-2010
>
> Register as soon as possible (!) and join us at Cansecwest 2010
> (http://cansecwest.com)
>
> See you soon in Vancouver :)
>
> --
> Laurent OUDOT
> Founder & CEO of TEHTRI-Security
> http://www.tehtri-security.com
>
>
>
>
>
>
>
>
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/