This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "2011 11 16 Manchester"

From OWASP
Jump to: navigation, search
 
(One intermediate revision by the same user not shown)
Line 9: Line 9:
  
 
'''Slides: '''  
 
'''Slides: '''  
* [[File:OWASP_Manchester_into_11_11_16.ppt]] OK, so due to technical problems these didnt actually work on the night ;)
+
* [[File:OWASP_Manchester_into_11_11_16.pdf]] OK, so due to technical problems these didnt actually work on the night ;)
  
 
'''Talk: Policy is the best honesty'''
 
'''Talk: Policy is the best honesty'''
Line 23: Line 23:
  
 
'''Talk: Non-alphanumeric code in JavaScript and PHP'''
 
'''Talk: Non-alphanumeric code in JavaScript and PHP'''
 +
 +
'''Slides: '''
 +
* [[File:OWASP_Manchester_Nonalpha.pdf]]
  
 
Understanding how to create non-alpha code leads to a deeper understanding on how the particular language works.  
 
Understanding how to create non-alpha code leads to a deeper understanding on how the particular language works.  

Latest revision as of 13:30, 15 December 2011

Manchester Chapter meeting 2011 November 16th

This was the second Manchester Chapter meeting, and was once again very kindly hosted by KPMG.


OWASP Chapter introduction. OWASP values and membership. Chapter information.

Simon Bennetts OWASP Manchester board member

Slides:

Talk: Policy is the best honesty

Slides:

Technology is rapidly emerging and maturing to enable connectivity and interoperability of a panoply of devices. The right investment relies on addressing workable, realistic policies first. Daniel will tell you about what NCC members are doing to allow staff to 'BYOD' and build pragmatic iPolicies.

Speaker: Dr Daniel Dresner, Head of Information Assurance Practice, National Computing Centre


Talk: Non-alphanumeric code in JavaScript and PHP

Slides:

Understanding how to create non-alpha code leads to a deeper understanding on how the particular language works.

Gareth shall discuss the history of non-alpha JavaScript, the challenges and creativity behind it.

How can you decode:

$=~[];$={___:++$,$$$$:(![]+"")[$],__$:++$,$_$_:(![]+"")[$],_$_:++$,$_$$:({}+"")[$],$$_$:($[$]+"")
[$],_$$:++$,$$$_:(!""+"")[$],$__:++$,$_$:++$,$$__:({}+"")[$],$$_:++$,$$$:++$,$___:++$,$__$:++$};
$.$_=($.$_=$+"")[$.$_$]+($._$=$.$_[$.__$])+($.$$=($.$+"")[$.__$])+((!$)+"")[$._$$]+($.__=$.$_[$.$$_])
+($.$=(!""+"")[$.__$])+($._=(!""+"")[$._$_])+$.$_[$.$_$]+$.__+$._$+$.$;$.$$=$.$+(!""+"")[$._$$]+
$.__+$._+$.$+$.$$;$.$=($.___)[$.$_][$.$_];$.$($.$($.$$+"\""+$.$_$_+(![]+"")[$._$_]+$.$$$_+"\\"+
$.__$+$.$$_+$._$_+$.__+"("+$.__$+")"+"\"")())(); 

Gareth will explain.

Gareth shall also cover how to create this in PHP and what techniques are involved.

Speaker: Gareth Heyes is an independent security researcher who specializes in browser and JavaScript research. He has authored many free online tools and sandboxes including Hackvertor and JSReg.