Trying to Find a Bug in WordPress
I stumbled over some WordPress code involving caching. Immediately I had this idea about MD5 collision and how this could affect the implemented logic. I started going down a rabbit hole exploring the feasibility and eventually setting up a PHP debug environment. Only to realize that the idea was flawed from the start. So while this ends up being failed security research, we still learn a lot along the process.
Get my handwritten font https://shop.liveoverflow.com (advertisement)
Checkout our courses on https://hextree.io (advertisement)
Support these videos: https://liveoverflow.com/support/
---
get_page_by_path: https://developer.wordpress.org/refer...
Hash Collision Overview: https://github.com/corkami/collisions...
MD5 Collision Demo: https://www.mscs.dal.ca/~selinger/md5...
Is there an ASCII only MD5 hash collision? / 1664280653519810563
Wordpress docker image with xdebug: https://github.com/wpdiaries/wordpres...
Debugging wordpress with xdebug: https://www.wpdiaries.com/wordpress-w...
What is a Server? • What is a Server? (Deepdive)
---
Chapters:
00:00 - Intro
00:36 - Finding the Research Topic
03:03 - Dumb Ideas Are NOT a Problem
03:40 - "What happens with a MD5 Hash Collision?"
04:38 - MD5 Hash Collision Feasibility
09:25 - WordPress Development Environment
11:18 - Debugging PHP
12:57 - Configuring xdebug
14:42 - Realizing the Research Idea was Flawed
15:58 - What we learned from the failed research
17:10 - hextree.io
17:47 - Outro
=[ ❤️ Support ]=
→ per Video: / liveoverflow
→ per Month: / @liveoverflow
2nd Channel: / liveunderflow
=[ 🐕 Social ]=
→ Twitter: / liveoverflow
→ Streaming: https://twitch.tvLiveOverflow/
→ TikTok: / liveoverflow_
→ Instagram: / liveoverflow
→ Blog: https://liveoverflow.com/
→ Subreddit: / liveoverflow
→ Facebook: / liveoverflow
Watch video Trying to Find a Bug in WordPress online without registration, duration hours minute second in high quality. This video was added by user LiveOverflow 11 June 2023, don't forget to share it with your friends and acquaintances, it has been viewed on our site 91,886 once and liked it 4.6 thousand people.