Download presentation
Presentation is loading. Please wait.
Published byDustin Glenn Modified over 6 years ago
1
Yahoo Zero-Day Vulnerability - Code Point of View
Ebrahim Hegazy @Zigoo0 Cyber Security 12 April
2
Not this type of bugs!
3
Nor even This type Of hunting!
5
1- Bug Bounty Programs. 2- Remote Code Execution Vulnerability 3- Live Example – WebPwn3r 4- Demo Videos
6
Bug Bounty Programs
7
Remote Code Execution Vulnerability
Simply, PHPCE occurs when user-supplied(GET/POST) values of the parameters are reflected inside eval() function, that vulnerability allows attackers to execute PHP code such as {echo system(“id”)} or any other php function/code.
8
Eval
9
Live Example – WebPwn3r
10
4- Demo Videos
Similar presentations
© 2025 SlidePlayer.com Inc.
All rights reserved.