{"guid":"ba118e5f-1c35-585c-91f6-9477b0c64897","title":"Neue Trends im Webhacking","subtitle":"","slug":"linuxtag06-263-neue_trends_im_webhacking","link":"https://c3voc.de","description":"\u003cp\u003e2005 was a year full of new developments for PHP, but also for the security scene. Alongside well-known vulnerabilities such as cross-site scripting and SQL injection, less widespread problems such as XSRF, HTTP response splitting and session fixation have emerged. Applications previously considered secure exhibit entirely new vulnerabilities, some of which can be exploited with frightening ease. The authors show how these new attack techniques work and how you can protect yourself and your web application against them. The attacks are explained using easy-to-understand practical examples, and solutions from practice are presented. About the author Peter Prochaska: Peter Prochaska is a security consultant at DATEV in N\u0026uuml;rnberg. He also travels throughout Germany giving talks at various conferences (PHP Conference, GUUG Fr\u0026uuml;hjahrsfachgespr\u0026auml;ch, ...) on topics such as PHP, security and the Hardened-Patch. Together with Christopher Kunz he writes a monthly column for PHP-Magazin. They are also the authors of the book \"PHP-Sicherheit\", which will be published in January 2006 by dpunkt-Verlag. Peter Prochaska is a member of the Hardened-PHP-Project, where he is responsible for corporate customer support and security audits.\u003c/p\u003e",
"original_language":"deu","persons":["Peter Prochaska (Hardened-PHP-Project)"],"tags":["linuxtag06","263"],"view_count":146,"promoted":false,"date":"2006-06-04T00:00:00.000+02:00","release_date":"2018-06-25T02:00:00.000+02:00","updated_at":"2025-11-29T17:45:03.421+01:00","length":2450,"duration":2450,"thumb_url":"https://static.media.ccc.de/media/events/linuxtag/2006/263-sd.jpg","poster_url":"https://static.media.ccc.de/media/events/linuxtag/2006/263-sd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/events/linuxtag/2006/ba118e5f-1c35-585c-91f6-9477b0c64897-timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/events/linuxtag/2006/ba118e5f-1c35-585c-91f6-9477b0c64897-thumbnails.vtt","frontend_link":"https://media.ccc.de/v/linuxtag06-263-neue_trends_im_webhacking","url":"https://api.media.ccc.de/public/events/ba118e5f-1c35-585c-91f6-9477b0c64897","conference_title":"Linuxtag 2006","conference_url":"https://api.media.ccc.de/public/conferences/linuxtag06","related":[{"event_id":1057,"event_guid":"import-d93f6f776ff5e0bf3d","weight":3},{"event_id":1530,"event_guid":"import-6fdeaba494d8699165","weight":3},{"event_id":2291,"event_guid":"2f68e356-6c3f-4034-9640-c06d717ed96b","weight":3},{"event_id":2967,"event_guid":"cabf79b8-cadc-45ef-89c8-c3c877baf379","weight":1},{"event_id":3601,"event_guid":"5a517be2-220b-4eb6-88c3-e7ef08c98ace","weight":1},{"event_id":3695,"event_guid":"c300b194-2a85-4705-92aa-b4e789882303","weight":3},{"event_id":3701,"event_guid":"155a622a-196e-4e05-a262-88f3a7726bbe","weight":1},{"event_id":3726,"event_guid":"7c3a4ac8-1925-4459-bdd8-b9d9e18a6cfa","weight":1},{"event_id":3853,"event_guid":"efeeaebc-3f29-11e7-9ba7-2f214305c877","weight":2},{"event_id":3968,"event_guid":"24923407-2fd3-4042-bc94-dd42083d5c1a","weight":2},{"event_id":4656,"event_guid":"ad460eb9-229b-4396-aa73-b64530c37183","weight":1},{"event_id":4770,"event_guid":"a890dbd3-8859-4788-a72f-ded5c5c08e5f",
"weight":2},{"event_id":5065,"event_guid":"b13b7d07-a781-4777-ac11-c331a204e710","weight":2},{"event_id":5380,"event_guid":"acc35999-4707-5ef9-a8af-f3b197f09704","weight":2},{"event_id":5569,"event_guid":"d37bc91e-f1dd-4fbb-b793-c08b2436eecb","weight":3},{"event_id":5609,"event_guid":"02b0ad5d-58d9-59e0-a443-19d33ce729b7","weight":2},{"event_id":5612,"event_guid":"be647aba-f085-5c12-a3a0-f70c4253c80d","weight":2},{"event_id":5617,"event_guid":"952292a6-923e-534a-a4ae-9522777f092c","weight":1},{"event_id":5618,"event_guid":"bac51d24-c529-5d9e-81c9-73a5c09e81ac","weight":3},{"event_id":5620,"event_guid":"0b0db69d-bda6-567e-9c5a-9fea99e86404","weight":1},{"event_id":5623,"event_guid":"0f74ae28-15c4-5f97-8c6f-dc90619ac30d","weight":1},{"event_id":5628,"event_guid":"480aa632-0d92-5b04-9af0-30df192e5ebe","weight":2},{"event_id":5634,"event_guid":"88a9da4b-80b4-5e2f-ba57-85fdfea7bcd4","weight":2},{"event_id":5637,"event_guid":"d9898c2f-fd78-4d04-b5d3-683df6895fa3","weight":3},{"event_id":5638,"event_guid":"bc119064-0b23-443b-82d4-55719d478151","weight":8}],"recordings":[{"size":79,"length":2450,"mime_type":"video/mp4","language":"deu","filename":"linuxtag06-263-deu-Neue_Trends_im_Webhacking_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":360,"height":288,"updated_at":"2018-06-25T22:12:14.669+02:00","recording_url":"https://cdn.media.ccc.de/events/linuxtag/2006/h264-sd/linuxtag06-263-deu-Neue_Trends_im_Webhacking_sd.mp4","url":"https://api.media.ccc.de/public/recordings/26365","event_url":"https://api.media.ccc.de/public/events/ba118e5f-1c35-585c-91f6-9477b0c64897","conference_url":"https://api.media.ccc.de/public/conferences/linuxtag06"},{"size":37,"length":2443,"mime_type":"audio/mpeg","language":"deu","filename":"linuxtag06-263-deu-Neue_Trends_im_Webhacking_mp3.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2018-06-25T22:52:38.221+02:00","recording_url":"https://cdn.media.ccc.de/events/linuxtag/2006/mp3/lin
uxtag06-263-deu-Neue_Trends_im_Webhacking_mp3.mp3","url":"https://api.media.ccc.de/public/recordings/26435","event_url":"https://api.media.ccc.de/public/events/ba118e5f-1c35-585c-91f6-9477b0c64897","conference_url":"https://api.media.ccc.de/public/conferences/linuxtag06"},{"size":26,"length":2442,"mime_type":"audio/opus","language":"deu","filename":"linuxtag06-263-deu-Neue_Trends_im_Webhacking_opus.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2018-06-25T22:53:06.444+02:00","recording_url":"https://cdn.media.ccc.de/events/linuxtag/2006/opus/linuxtag06-263-deu-Neue_Trends_im_Webhacking_opus.opus","url":"https://api.media.ccc.de/public/recordings/26436","event_url":"https://api.media.ccc.de/public/events/ba118e5f-1c35-585c-91f6-9477b0c64897","conference_url":"https://api.media.ccc.de/public/conferences/linuxtag06"},{"size":61,"length":2450,"mime_type":"video/webm","language":"deu","filename":"linuxtag06-263-deu-Neue_Trends_im_Webhacking_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2018-06-25T22:54:05.416+02:00","recording_url":"https://cdn.media.ccc.de/events/linuxtag/2006/webm-sd/linuxtag06-263-deu-Neue_Trends_im_Webhacking_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/26437","event_url":"https://api.media.ccc.de/public/events/ba118e5f-1c35-585c-91f6-9477b0c64897","conference_url":"https://api.media.ccc.de/public/conferences/linuxtag06"}]}