25C3 -

25th Chaos Communication Congress
Nothing to hide

Stefan Esser
Day Day 2 (2008-12-28)
Room Saal 1
Start time 16:00
Duration 01:00
ID 2678
Event type lecture
Track Hacking
Language used for presentation en

Vulnerability discovery in encrypted closed source PHP applications

Security audits of PHP applications are usually performed on a source code basis. However sometimes vendors protect their source code by encrypting their applications with runtime (bytecode-)encryptors. When these tools are used source code analysis is no longer possible and because these tools change how PHP works internally, several greybox security scanning/fuzzing techniques relying on hooks fail, too.

This talk will show how different PHP (bytecode-)encryptions work, how the original bytecode can be recovered, how vulnerability discovery can still be performed with only the bytecode available and how feasible PHP bytecode decompilation is.