Articles by radish2003

  • amon.so: Hijacking System Calls For Hardening PHP - Debian Lenny And Squeeze

    php Author: radish2003Tags: , , Comments: 13

    amon.so: Hijacking System Calls For Hardening PHP - Debian Lenny And Squeeze amon.so is a library that integrates with the PHP interpreter and intercepts and manipulates the system calls provided by libc6. It replace the execve() syscall with a custom function which does extra sanity checking in order to prevent that an attacker could execute arbitrary code on the system exploiting a vulnerability in a web-based application (such as a bugged cms). It's open-source software released under the terms of the GPL license and compatible with PHP running as a CGI process or Apache's DSO module.

    read more... | PDF view as pdf

Page 1 of 1