25C3 - 1.4.2.3

25th Chaos Communication Congress
Nothing to hide

Speakers
Stefan Esser
Schedule
Day Day 2 (2008-12-28)
Room Saal 1
Start time 16:00
Duration 01:00
Info
ID 2678
Event type lecture
Track Hacking
Language used for presentation en
Feedback

Vulnerability discovery in encrypted closed source PHP applications

Security audits of PHP applications are usually performed on a source code basis. However sometimes vendors protect their source code by encrypting their applications with runtime (bytecode-)encryptors. When these tools are used source code analysis is no longer possible and because these tools change how PHP works internally, several greybox security scanning/fuzzing techniques relying on hooks fail, too.

This talk will show how different PHP (bytecode-)encryptions work, how the original bytecode can be recovered, how vulnerability discovery can still be performed with only the bytecode available and how feasible PHP bytecode decompilation is.