From the GNUCitizen blog, there's a new post about a recent meeting (of the OWASP London Chapter) where several presentations were given on methods for exploiting PHP applications. The three talks given were:
- Rodrigo Marcos - hacking PHP sockets for fun and profit
- David Kierznowski - exploitation techniques using real world examples
- Colin Watson - talk about security badges
There's links to the slides for one the formal presentations, the exploitation techniques - two sets: the remote exploit examples and local exploit examples.