Sam Burns tech | A blog about infosec, PHP, and software architecture

Exploiting Git Access in Docker Containers

Github token being injected into a container on a build server. The GITHUB_TOKEN env var is left on the container when it is deployed to production.

When a build server injects a Github access token into a container to run a package manager, this should be deleted straight after it is used. Version control access tokens are often present on production infrastructure, allowing an attacker to clone all repositories in the Github org.

PHP Object Instantiation Attacks

PHP Object Instantiation attacks are an appsec issue in PHP applications. They rely on meta-programming used to instantiate classes from user-defined classnames.

PHP Object Injection

Object Injection in PHP. Object Injection vulnerability is security issue with PHP applications using the unserialize() function. In the worst case, it can lead to remote code execution.