Yannay has been lead security researcher at Check Point Software Technologies LTD for the past year. Before joining Check Point, Yannay served as a security researcher and developer in the IDF for four years. Yannay holds a first degree in computer science from Bar Ilan University, which he graduated at the age of 18.
[Abstract]
==========
PHP7 is a new version of the most prevalent server-side language in use today. Like previous version, this version is also vulnerable to memory corruptions. However, the language has gone through extensive changes and none of previous exploitations techniques are relevant. In this talk, we explore the new memory internals of the language from exploiters and vulnerability researchers point of view, discuss new vulnerabilities and bugs that arise from it, and present re-usable primitives for remote exploitation of a common vulnerability class in the language.