Oh Dear! monitors your entire website, not just the homepage. You'll get a notification as soon as your website is down, a monthly uptime report, a warning a few days before your SSL certificate expires and much more! Start your free 10 day trial now!

Disguise PHAR packages as images

Link – www.nc-lp.com

Scary stuff.

US BlackHat 2018 proved that is possible to obtain RCE from a PHAR package, moreover, by tweaking its binary content, it's possible to disguise it as a full valid image, bypassing security checks.

Read more [www.nc-lp.com]

Stay up to date with all things Laravel, PHP, and JavaScript.

Follow me on Twitter. I regularly tweet out programming tips, and what I myself have learned in ongoing projects.

Every two weeks I send out a newsletter containing lots of interesting stuff for the modern PHP developer.

Expect quick tips & tricks, interesting tutorials, opinions and packages. Because I work with Laravel every day there is an emphasis on that framework.

Rest assured that I will only use your email address to send you the newsletter and will not use it for any other purposes.

Comments

You can comment on this post by replying to this tweet.

All replies, retweets and likes will be listed below.