BitSensor - How and when to start a business
Download as PPTX, PDF0 likes190 views
The document discusses the time it typically takes for companies to realize they have been hacked and introduces a goal of reducing this to 50 milliseconds. It highlights technical implementations related to file uploads and error handling in PHP, emphasizing security measures against unsupported file types. Additionally, it touches on topics like integration guides and potential strategies for selling a security-related product.
![$allowed = array('gif', 'png', 'jpg'); //Allowed extensions
$filename = $_FILES['image']['name'];
$exts = array_slice(explode('.', $filename), 1); //Get extensions
foreach ($exts as $ext) {
if(!in_array($ext,$allowed) ) {
trigger_error("Disallowed file format on upload");
}
}
PHP ERROR: Disallowed file format on upload](https://image.slidesharecdn.com/r3sek7lsyiatury7hdze-signature-aa1813ad17c841ef75757041abca001f9f11bec352f23dde4a91a9ac67c05376-poli-160523134804/85/BitSensor-How-and-when-to-start-a-business-19-320.jpg)
![$allowed = array('gif', 'png', 'jpg'); //Allowed extensions
$filename = $_FILES['image']['name'];
$exts = array_slice(explode('.', $filename), 1); //Get extensions
foreach ($exts as $ext) {
if(!in_array($ext,$allowed) ) {
trigger_error("Disallowed file format on upload");
}
}
require_once 'phar://bitsensor.phar';](https://image.slidesharecdn.com/r3sek7lsyiatury7hdze-signature-aa1813ad17c841ef75757041abca001f9f11bec352f23dde4a91a9ac67c05376-poli-160523134804/85/BitSensor-How-and-when-to-start-a-business-21-320.jpg)
BitSensor - How and when to start a business
- 1. RUBEN VAN VREELAND Hacking CEO How and when to start a business
- 10. 9 months is the time it takes companies to find out they have been hacked. Lets change that to 50 milliseconds. https://haveibeenpwned.com/
- 11. DEMO
- 15. Building BitSensor trough collaboration
- 16. WHY NOW?
- 19. $allowed = array('gif', 'png', 'jpg'); //Allowed extensions $filename = $_FILES['image']['name']; $exts = array_slice(explode('.', $filename), 1); //Get extensions foreach ($exts as $ext) { if(!in_array($ext,$allowed) ) { trigger_error("Disallowed file format on upload"); } } PHP ERROR: Disallowed file format on upload
- 20. foreach ($exts as $ext) { ` if(!in_array($ext,$allowed) ) { trigger_error("Disallowed file format upload"); } } GET /integration-guide/content/gitbook/plugins/gitbook-plugin- search/search.js HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36 Accept-Language: nl-NL,nl;q=0.8,en-US;q=0.6,en;q=0.4 "input": { "http.get.b": "<script>alert(1)" } Code Tripwire Correlation Input Analysis Log analysis You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1
- 21. $allowed = array('gif', 'png', 'jpg'); //Allowed extensions $filename = $_FILES['image']['name']; $exts = array_slice(explode('.', $filename), 1); //Get extensions foreach ($exts as $ext) { if(!in_array($ext,$allowed) ) { trigger_error("Disallowed file format on upload"); } } require_once 'phar://bitsensor.phar';
- 22. DEMO
- 23. HOW DO WE SELL?
Editor's Notes
- #3: Ruben van Vreeland – Ethical hacker. Hacked into LinkedIn, Indiegogo, Kickstarter, Ebay, Marktplaats. Invited me to join his idea. Together with Alex Dings and Sven Dubbeld. Perfect team, balanced functions.
- #4: Ruben van Vreeland – Ethical hacker. Hacked into LinkedIn, Indiegogo, Kickstarter, Ebay, Marktplaats. Invited me to join his idea. Together with Alex Dings and Sven Dubbeld. Perfect team, balanced functions.
- #12: Ruben van Vreeland – Ethical hacker. Hacked into LinkedIn, Indiegogo, Kickstarter, Ebay, Marktplaats. Invited me to join his idea. Together with Alex Dings and Sven Dubbeld. Perfect team, balanced functions.
- #17: Ruben van Vreeland – Ethical hacker. Hacked into LinkedIn, Indiegogo, Kickstarter, Ebay, Marktplaats. Invited me to join his idea. Together with Alex Dings and Sven Dubbeld. Perfect team, balanced functions.
- #23: Ruben van Vreeland – Ethical hacker. Hacked into LinkedIn, Indiegogo, Kickstarter, Ebay, Marktplaats. Invited me to join his idea. Together with Alex Dings and Sven Dubbeld. Perfect team, balanced functions.
- #24: Ruben van Vreeland – Ethical hacker. Hacked into LinkedIn, Indiegogo, Kickstarter, Ebay, Marktplaats. Invited me to join his idea. Together with Alex Dings and Sven Dubbeld. Perfect team, balanced functions.