lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 07 Mar 2010 20:01:13 +0100
From: "laurent.oudot@...tri-security.com" <laurent.oudot@...tri-security.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: [cansecwest] Advanced PHP Hacking


Dear all,

Related to this "Advanced PHP Hacking" training during next Cansecwest (
http://cansecwest.com ), some people asked if I were about to release
the "PHP fuzzing tools" described on my web site with 0-days / exploits
/ advisories for the Apple iPhone product.

Those "PHP fuzzing tools" allowed TEHTRI-Security to find
vulnerabilities on the latest Apple iPhone firmware (
http://www.tehtri-security.com/en/news.php?filter=TECH ).

In agreement with Apple, who are working on solutions for their
customers, we might not publicly disclose those vulnerabilities, due to
legal and ethical issues.

However, during this "Advanced PHP Hacking" CanSecWest training (22 or
23 march), I will cover how to create your own tools for playing /
fuzzing / hacking with clients (like what we did when we found vulns for
Safari & Mail app under the latest iPhone) :

http://www.tehtri-security.com/en/trainings.php?t=cansecwest-2010

Regards.

--
Laurent OUDOT
 Founder & CEO of TEHTRI-Security
 http://www.tehtri-security.com


>
> Hi,
>
> I'd like to announce a Security Master's Dojo course during next
> CanSecWest 2010 in Vancouver (March 22-26 2010).
>
> Title: Advanced PHP Hacking (!)
>
> PHP is a worldwide web language used by individuals as well as companies
> (Facebook...). This session aims at providing a hands-on focused PHP
> Hacking experience. After this course, you will really know how
> attackers work and move through PHP hax0ring so that they can jump
> deeper down to your networks.
>
> *BONUS*
> This training will end with a final amazing exercise through a step by
> step live hacking simulation. It will help students at coming back to
> offensive and defensive hands-on exercises seen during the whole day,
> thanks to this complete information warfare operation.
>
> For further information, just check :
>  http://www.tehtri-security.com/en/trainings.php?t=cansecwest-2010
>
> Register as soon as possible (!) and join us at Cansecwest 2010
> (http://cansecwest.com)
>
> See you soon in Vancouver :)
>
> --
> Laurent OUDOT
>  Founder & CEO of TEHTRI-Security
>  http://www.tehtri-security.com
>
>
>
>
>
>
>
>
>
>   

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists