Propaganda
==========
This page lists various mentions, articles, usages and presentations about Snuffleupagus.
Talks
-----
2017
""""
- `BerlinSide0x08 <https://berlinsides.org/?page_id=2168>`_ - `slides <https://github.com/jvoisin/snuffleupagus/blob/master/slides/berlinsides_2017.pdf>`__
- `Hack.lu 2017 <https://2017.hack.lu/talks/>`_ - `slides <https://github.com/jvoisin/snuffleupagus/blob/master/slides/hacklu_2017.pdf>`__ - `video <https://www.youtube.com/watch?v=RzaRiuJ6MkI>`__
- `BlackAlps <https://blackalps.ch/2017program.php>`_ - `slides <https://github.com/jvoisin/snuffleupagus/blob/master/slides/blackalps_2017.pdf>`__ - `video <https://www.youtube.com/watch?v=2GeUnOzDGxc>`__
2018
""""
- `Pass the Salt <https://2018.pass-the-salt.org/schedule/#snuffleupagus>`_ - `slides <https://github.com/jvoisin/snuffleupagus/blob/master/slides/passthesalt_2018.pdf>`__ - `video <https://passthesalt.ubicast.tv/videos/snuffleupagus-killing-bug-classes-and-virtual-patching-the-rest/>`__
- `44con <https://44con.com/44con/44con-2018/44con-2018-talks/>`__ - `slides <https://github.com/jvoisin/snuffleupagus/blob/master/slides/44con_2018.pdf>`__
2020
""""
- `Modern PHP security - sec4dev 2020, Vienna - Synacktiv <https://www.synacktiv.com/ressources/modern_php_security_sec4dev.pdf>`__ - `sec4dev 2020 <https://sec4dev.io/2020>`__
2022
""""
- `Custom php Introspection for 0-Day Research - GreHack 2022, Grenoble - Groumpf and Laluka <https://thinkloveshare.com/hacking/php-internalog-introspection-for-0day-research/Custom-php-Introspection-for-0-Day-Research.pdf>`__ - `transcript and blogpost <https://thinkloveshare.com/hacking/php-internalog-introspection-for-0day-research/>`__
2023
""""
- `S01-E35-FR | Spip email/eval n-day - Analysis with Snuffleupagus, with @olivier_boschko <https://www.youtube.com/watch?v=8baCoHYItwk>`__ (fr)
Mentions
--------
2017
""""
- `Habr - PHP-Дайджест № 118 – свежие новости, материалы и инструменты <https://habr.com/en/company/zfort/blog/339630/>`__ (ru) - Habr
- `Intrinsec's blog - Hack.lu 2017 <https://securite.intrinsec.com/2017/10/20/hack-lu-2017/>`__ (fr) - Intrinsec's blog
- `Paragon Initiative Enterprises Blog - The 2018 Guide to Building Secure PHP Software <https://paragonie.com/blog/2017/12/2018-guide-building-secure-php-software>`__
2018
""""
- `Habr - PHP-Дайджест № 138 <https://habr.com/en/company/zfort/blog/422069/>`__ (ru) - Habr
- `PhpStorm's blog - PHP Annotated Monthly <https://blog.jetbrains.com/phpstorm/2018/08/php-annotated-monthly-august-2018/>`__ - PhpStorm's blog
- `PHP Weekly <http://www.phpweekly.com/archive/2018-02-08.html>`__
- `New variant in wp-gdpr-compliance vulnerability and fixing it with virtual patching <https://medium.com/alertot/new-variant-in-wp-gdpr-compliance-vulnerability-and-fixing-it-with-virtual-patching-4b72d7496c1c>`__ - alertot
2019
""""
- `PhpStorm's blog - PHP Annotated <https://blog.jetbrains.com/phpstorm/2019/07/php-annotated-july-2019/>`__ - PhpStorm's blog
- `Habr - PHP-Дайджест № 160 <https://habr.com/ru/post/460022/>`__ (ru) - Habr
2020
""""
- `Modern PHP Security Part 2: Breaching and hardening the PHP engine <https://labs.detectify.com/2020/08/20/modern-php-security-part-2-breaching-and-hardening-the-php-engine/>`__ - Detectify's blog
2021
""""
- `Habr - PHP Дайджест № 196 <https://habr.com/ru/post/536726/>`__ (ru) - Habr
- `OWASP's PHP Configuration Cheat Sheet <https://cheatsheetseries.owasp.org/cheatsheets/PHP_Configuration_Cheat_Sheet.html#snuffleupagus>`__ - OWASP
2022
""""
- `RCE on Spip and Root-Me, v2! <https://thinkloveshare.com/hacking/rce_on_spip_and_root_me_v2/>`__ - Laluka's blog
Articles
--------
2017
""""
- `Killing php bug classes at berlinsides <https://dustri.org/b/killing-php-bug-classes-at-berlinsides.html>`__ - dustri.org
- `Snuffleu…what? <https://fr33tux.org/post/snuffleupagus/>`__ - fr33tux.org
- `Behold the Snuffleupagus <https://memze.ro/posts/behold-the-snuffleupagus/>`__ - memze.ro
- `How to harden AdwCleaner’s web backend using PHP <https://blog.malwarebytes.com/security-world/technology/2017/12/harden-adwcleaner-php-web-backend/>`__ - Malwarebytes' blog
- `First release of Snuffleupagus <https://dustri.org/b/first-release-of-snuffleupagus.html>`__ - dustri.org
- `PHP Magazine <http://phpmagazine.net/2017/11/snuffleupagus-experimental-security-module-for-php7.html>`__ - phpmagazine.net
2018
""""
- `Snuffleupagus 0.3.0 - Dentalium elephantinum <https://dustri.org/b/snuffleupagus-030-dentalium-elephantinum.html>`__ - dustri.org
- `Snuffleupagus version 0.3.0 - Dentalium elephantinum <https://linuxfr.org/news/snuffleupagus-version-0-3-0-dentalium-elephantinum>`__ (fr) - LinuxFr
2019
""""
- `Проект Snuffleupagus развивает PHP-модуль для блокирования уязвимостей <https://www.opennet.ru/opennews/art.shtml?num=51031>`__ (ru) - opennet.ru
- `What the f*ck is a Snuffleupagus? <https://medium.com/@live_the_dream/what-the-f-ck-is-a-snuffleupagus-f838fb64f857>`__ - Living The Dream
- `Snuffleupagus: Open source security tool hardens PHP sites against cyber-attacks <https://portswigger.net/daily-swig/snuffleupagus-open-source-security-tool-hardens-php-sites-against-cyber-attacks>`__ - The Daily Swig
- `Snuffleupagus, an excellent module to block vulnerabilities in PHP applications <https://www.linuxadictos.com/en/snuffleupagus-un-excelente-modulo-para-bloquear-vulnerabilidades-en-aplicaciones-php.html>`__ - linuxadictos.com
- `Snuffleupagus versus recent high-profile vulnerabilities <https://dustri.org/b/snuffleupagus-versus-recent-high-profile-vulnerabilities.html>`__ - dustri.org
2020
""""
- `Snuffleupagus, un excelente módulo para bloquear vulnerabilidades en aplicaciones PHP <https://www.linuxadictos.com/snuffleupagus-un-excelente-modulo-para-bloquear-vulnerabilidades-en-aplicaciones-php.html>`__ (es) - linuxadictos.com
- `Выпуск Snuffleupagus 0.5.1, модуля для блокирования уязвимостей в PHP-приложениях <https://www.opennet.ru/opennews/art.shtml?num=53211>`__ (ru) - opennet.ru
- `Snuffleupagus versus recent high-profile vulnerabilities, again! <https://dustri.org/b/snuffleupagus-versus-recent-high-profile-vulnerabilities-again.html>`__ - dustri.org
- `Snuffleupagus, módulo para bloquear vulnerabilidades en aplicaciones PHP <https://underc0de.org/foro/seguridad-en-servidores/snuffleupagus-modulo-para-bloquear-vulnerabilidades-en-aplicaciones-php/>`__ (es) - underc0de.org
2021
""""
- `Sortie de Snuffleupagus 0.7.0 - Los Elefantes <https://linuxfr.org/news/sortie-de-snuffleupagus-0-7-0-los-elefantes>`__ (fr) - linuxfr
- `Virtual patching CVE-2021-29447 with Snuffleupagus <https://dustri.org/b/virtual-patching-cve-2021-29447-with-snuffleupagus.html>`__ - dustri.org
2022
""""
- `Lightweight post-exploitation hardening in PHP via call-site freezing and ghetto-CFI with Snuffleupagus <https://dustri.org/b/lightweight-post-exploitation-hardening-in-php-via-call-site-freezing-and-ghetto-cfi-with-snuffleupagus.html>`__ - dustri.org
- `Increasing PHP security with Snuffleupagus <https://blog.frehi.be/2022/08/16/increasing-php-security-with-snuffleupagus/>`__ - blog.frehi.be
Papers
------
- `Sécurisez vos applications php avec Snuffleupagus <https://connect.ed-diamond.com/GNU-Linux-Magazine/GLMF-213/Securisez-vos-applications-PHP-avec-Snuffleupagus>`__ (fr) (paywall) - 2018-03-2018
Notable users
-------------
- `AdwCleaner <https://www.malwarebytes.com/adwcleaner/>`__'s backend - a notorious anti-pup
- `Alertot <https://www.alertot.com/>`__ - a Chilean continuous web security monitoring company
- `Control Web Panel <https://control-webpanel.com/>`__ - a free modern and intuitive control panel for servers and VPS
- `Mailu <https://github.com/Mailu/Mailu>`__ - mail server as Docker images
- `Mangadex <https://mangadex.dev/mangadex-v5-infrastructure-overview/>`__ - a major manga website
- `NBS System <https://www.nbs-system.com/>`__ - a French hosting/security company and author of snuffleupagus
- `Net4All <https://net4all.ch/>`__ - a Swiss hosting company
- `Oceanet Technology <https://www.oceanet-technology.com/>`__ - a French hosting company
- The Swedish team of the `NATO <https://www.nato.int/>`__'s `CCDCOE <https://ccdcoe.org/>`__ `Locked Shields <https://ccdcoe.org/exercises/locked-shields/>`__ exercise, winner of the `2021 <https://ccdcoe.org/news/2021/sweden-scored-highest-at-the-cyber-defence-exercise-locked-shields-2021/>`__ and `2023 <https://ccdcoe.org/news/2023/sweden-iceland-joint-team-emerges-on-top-of-locked-shields-2023-cyber-defense-exercise/>`__ editions.
- `SwissCenter <https://swisscenter.com>`__ - a Swiss datacenter & web hosting company
- `Toolslib <https://toolslib.net/>`__ - an `Alexa top 10k <https://www.alexa.com/siteinfo/toolslib.net>`__ website
- `cPanel <https://cpanel.net/>`__ - one of the most popular web hosting control panels