Some thoughts on PHP Object injection


I was reading PHP Object injection coming from Security Cafe . While I do think it works but I don't think anyone would be writing code like that - codes that allows users to pass what object to serialized

Take for me is, understand how the underlying system work and lock down features that is insecure accessible to users..




Comments

Popular posts from this blog

OpenCover code coverage for .Net Core

Android Programmatically apply style to your view

Using Custom DLL with IronPython / Scripts