::: left till the conference

PD%00

11:25
20 min
Web Village

Miss the days when you could achieve LFI with a zero-byte? Have you already suppressed your desire to insert null-bytes at the end of all parameters? Have you removed the null-byte from your fuzz lists? Shame. We will tell you how some PDO drivers handle null bytes and what it may lead to.

Speakers
Pavel Sorokin

Pentester

Share
Other Reports
Defensive Track
Metrics in practice
Defensive Track
Open Source DevSecOps: Tempest in a teapot
Web Village
Fantastic bugs and where to find them
Up