How to Find Vulnerabilities in Perl Code

How to Find Vulnerabilities in Perl Code

By mock from Victoria.pm
Date: Wednesday, 29 August 2007 12:35
Duration: 20 minutes
Target audience: Any
Language:

Perhaps you've inherited some old code, and you'd like to put it out of its misery. Maybe you're about to deploy a new system and you don't want everyone to make fun of you when hackers steal your granny's credit cards. Or maybe you just like breaking other people's code because you're a bitter curmudgeon who enjoys the challenge.
Finding exploitable vulnerabilities is more than reading through perlsec and turning on the taint switch. This talk will take you through modern tools and techniques for finding and making fun of vulnerabilities in other people's code, as well as writing tests to prevent it from happening to you. Examples from CPAN and sourceforge will chosen and eviscerated on stage to illustrate each point.