featured article
Retrieve SSH public key from Active Directory for SSH authentication
Latest articles
Security
.htaccess security best practices in Apache 2.4.6+
2018-11-05
Since Apache 2.4.6, a new module is used to configure and set up access control for websites: mod_authz_core. This means you have to use a different syntax for allowing or blocking hosts and IP addresses to your website. Apache Access Controle done right in WordPress .htaccess.
“How we broke PHP, hacked Pornhub and earned $20,000”
2016-07-24
It all started by auditing Pornhub, then PHP and ended in breaking both… We have gained remote code execution on pornhub.com and have earned a $20,000 bug bounty on Hackerone. We have found two use-after-free vulnerabilities in PHP's garbage collection algorithm. Those vulnerabilities were remotely exploitable over PHP's unserialize function.