We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

$kernel.infect(): Creating a cryptovirus for Symfony2 apps

Formal Metadata

Title
$kernel.infect(): Creating a cryptovirus for Symfony2 apps
Title of Series
Part Number
14
Number of Parts
59
Author
License
CC Attribution - NonCommercial 2.0 Germany:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
$kernel→infect(): Creating a cryptovirus for Symfony2 apps Cryptovirology studies how to use cryptography to design malicious software, given that public-key cryptography can be used to break the symmetry between what an antivirus analyst sees regarding a virus and what the virus writer sees. In this workshop we will create a simple cryptovirus in PHP - for educational purposes - able to infect a Symfony2 app and encrypt data such as database records or user uploaded files using public key cryptography with OpenSSL. To create the virus we will study how Symfony works internally, especially what kernel events are dispatched and how to use them to attach our virus. Several strategies to hide the virus will be discussed. Simple ones like using different encodings and more advanced strategies such as polymorphic code. Finally, we will see how we can defend ourselves from this kind of attacks. ······························ Speaker: Raul Fraile Event: FrOSCon 2014 by the Free and Open Source Software Conference (FrOSCon) e.V.
Keywords