Difference between revisions of "The Art of Exploiting SQL Injections"

From OWASP
Jump to: navigation, search
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 +
[[Image:468x60-banner-2010.gif|link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010]]
 +
 +
[https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=d52c6f5f-d568-4e16-b8e0-b5e2bf87ab3a Registration] | [https://resweb.passkey.com/Resweb.do?mode=welcome_gi_new&groupID=2766908 Hotel] | [http://www.dcconvention.com/ Walter E. Washington Convention Center]
 +
<br>
 
__NOTOC__  
 
__NOTOC__  
 
==Description==
 
==Description==
Line 22: Line 26:
 
Skill: Basic, Intermediate
 
Skill: Basic, Intermediate
  
# Identify the most complicated sql injections which are beyond the scope of any automated tool?
+
# Understand the problem of SQL Injection
# Identify and Extract sensitive data from back-end database?
+
# Learn a variety of advanced exploitation techniques which hackers use.
# Privilege Escalation  within the database and extracting data with database admin privilege?
+
# How to fix the problem?
# OS code execution on these database server and use this as a pivot to attack internal network?
+
 
  
 
==Instructor==
 
==Instructor==
'''Instructor: Sumit Siddharth'''  Sumit "sid" Siddharth works as a Principal Security Consultant (Penetration Tester) for 7Safe Limited in the UK. He specializes in the application and database security and has more than 5 years of pentesting. Sid has authored a number of whitepapers and tools. He has been a speaker at many security conferences including Blackhat, Defcon, Troopers, OWASP Appsec, Sec-T etc. He also runs the popular IT security blog: www.notsosecure.com  
+
'''Instructor: Sumit Siddharth'''  Sumit "sid" Siddharth works as a Principal Security Consultant (Penetration Tester) for 7Safe Limited in the UK. He specializes in the application and database security and has more than 5 years of pentesting. Sid has authored a number of whitepapers and tools. He has been a speaker at many security conferences including Blackhat, Defcon, Troopers, OWASP Appsec, Sec-T etc. He also runs the popular IT security blog: [http://www.notsosecure.com www.notsosecure.com]
  
 
[[Category:AppSec_DC_2010_Training]] [[Category:Basic_Training]]] [[Category:Intermediate_Training]]]
 
[[Category:AppSec_DC_2010_Training]] [[Category:Basic_Training]]] [[Category:Intermediate_Training]]]

Latest revision as of 15:52, 23 September 2010

468x60-banner-2010.gif

Registration | Hotel | Walter E. Washington Convention Center

Description

Course Length: 1 Day

This is a full day hands on training course which will typically target penetration testers, security auditors/administrators and even web developers to learn advanced exploitation techniques. SQL Injection, although now nearly 15 years old, still exists in over 30% of the web applications. This vulnerability could typically result in 3 scenarios:

  1. Authentication Bypass
  2. Extraction of arbitrary sensitive data from the database
  3. Access and compromise of the internal network.

To identify the true impact of this vulnerability it is essential that the vulnerability gets exploited to the full extent. While there is a reasonably good awareness when it comes to identify this problem, there are still a lot of grey areas when it comes to exploitation or even identifying complex vulnerabilities like a 2nd order injections. This training will target 3 databases (MS-SQL, Mysql, Oracle) and discuss a variety of exploitation techniques to exploit each scenario. The aim of the training course is to address the following:

  1. Identify the most complicated sql injections which are beyond the scope of any automated tool?
  2. Identify and Extract sensitive data from back-end database?
  3. Privilege Escalation within the database and extracting data with database admin privilege?
  4. OS code execution on these database server and use this as a pivot to attack internal network?

Student Requirements

Students will need to bring a laptop with VMWare

Objectives

Skill: Basic, Intermediate

  1. Understand the problem of SQL Injection
  2. Learn a variety of advanced exploitation techniques which hackers use.
  3. How to fix the problem?


Instructor

Instructor: Sumit Siddharth Sumit "sid" Siddharth works as a Principal Security Consultant (Penetration Tester) for 7Safe Limited in the UK. He specializes in the application and database security and has more than 5 years of pentesting. Sid has authored a number of whitepapers and tools. He has been a speaker at many security conferences including Blackhat, Defcon, Troopers, OWASP Appsec, Sec-T etc. He also runs the popular IT security blog: www.notsosecure.com]]