This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "The Art of Exploiting SQL Injections"

From OWASP
Jump to: navigation, search
(category OWASP/Training changed to OWASP Training)
 
(7 intermediate revisions by 4 users not shown)
Line 1: Line 1:
===Objectives===
+
[[Image:468x60-banner-2010.gif|link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010]]
Skill: Basic, Intermediate
 
  
# Identify the most complicated sql injections which are beyond the scope of any automated tool?
+
[https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=d52c6f5f-d568-4e16-b8e0-b5e2bf87ab3a Registration] | [https://resweb.passkey.com/Resweb.do?mode=welcome_gi_new&groupID=2766908 Hotel] | [http://www.dcconvention.com/ Walter E. Washington Convention Center]
# Identify and Extract sensitive data from back-end database?
+
<br>
# Privilege Escalation  within the database and extracting data with database admin privilege?
+
__NOTOC__
# OS code execution on these database server and use this as a pivot to attack internal network?
+
==Description==
 +
'''Course Length: 1 Day'''
  
===Description===
 
 
This is a full day hands on training course which will typically target penetration testers, security auditors/administrators  and even web developers  to learn advanced exploitation techniques. SQL Injection, although now nearly 15 years old, still exists in over 30% of the web applications. This vulnerability could typically result in 3 scenarios:
 
This is a full day hands on training course which will typically target penetration testers, security auditors/administrators  and even web developers  to learn advanced exploitation techniques. SQL Injection, although now nearly 15 years old, still exists in over 30% of the web applications. This vulnerability could typically result in 3 scenarios:
  
Line 21: Line 20:
 
# OS code execution on these database server and use this as a pivot to attack internal network?
 
# OS code execution on these database server and use this as a pivot to attack internal network?
  
===Instructor===
+
==Student Requirements==
'''Instructor: Sumit Siddharth'''  Sumit "sid" Siddharth works as a Principal Security Consultant (Penetration Tester) for 7Safe Limited in the UK. He specializes in the application and database security and has more than 5 years of pentesting. Sid has authored a number of whitepapers and tools. He has been a speaker at many security conferences including Blackhat, Defcon, Troopers, OWASP Appsec, Sec-T etc. He also runs the popular IT security blog: www.notsosecure.com
+
Students will need to bring a laptop with VMWare
  
===Requirements===
+
==Objectives==
Students will need to bring a laptop with VMWare
+
Skill: Basic, Intermediate
 +
 
 +
# Understand the problem of SQL Injection
 +
# Learn a variety of advanced exploitation techniques which hackers use.
 +
# How to fix the problem?
 +
 
 +
 
 +
==Instructor==
 +
'''Instructor: Sumit Siddharth'''  Sumit "sid" Siddharth works as a Principal Security Consultant (Penetration Tester) for 7Safe Limited in the UK. He specializes in the application and database security and has more than 5 years of pentesting. Sid has authored a number of whitepapers and tools. He has been a speaker at many security conferences including Blackhat, Defcon, Troopers, OWASP Appsec, Sec-T etc. He also runs the popular IT security blog: [http://www.notsosecure.com www.notsosecure.com]
  
[[Category:AppSec_DC_2010_Training]] [[Category:Basic_Training]]] [[Category:Intermediate_Training]]]
+
[[Category:OWASP Training/AppSec_DC_2010]] [[Category:OWASP Training/Basic]]

Latest revision as of 21:25, 10 November 2014

468x60-banner-2010.gif

Registration | Hotel | Walter E. Washington Convention Center

Description

Course Length: 1 Day

This is a full day hands on training course which will typically target penetration testers, security auditors/administrators and even web developers to learn advanced exploitation techniques. SQL Injection, although now nearly 15 years old, still exists in over 30% of the web applications. This vulnerability could typically result in 3 scenarios:

  1. Authentication Bypass
  2. Extraction of arbitrary sensitive data from the database
  3. Access and compromise of the internal network.

To identify the true impact of this vulnerability it is essential that the vulnerability gets exploited to the full extent. While there is a reasonably good awareness when it comes to identify this problem, there are still a lot of grey areas when it comes to exploitation or even identifying complex vulnerabilities like a 2nd order injections. This training will target 3 databases (MS-SQL, Mysql, Oracle) and discuss a variety of exploitation techniques to exploit each scenario. The aim of the training course is to address the following:

  1. Identify the most complicated sql injections which are beyond the scope of any automated tool?
  2. Identify and Extract sensitive data from back-end database?
  3. Privilege Escalation within the database and extracting data with database admin privilege?
  4. OS code execution on these database server and use this as a pivot to attack internal network?

Student Requirements

Students will need to bring a laptop with VMWare

Objectives

Skill: Basic, Intermediate

  1. Understand the problem of SQL Injection
  2. Learn a variety of advanced exploitation techniques which hackers use.
  3. How to fix the problem?


Instructor

Instructor: Sumit Siddharth Sumit "sid" Siddharth works as a Principal Security Consultant (Penetration Tester) for 7Safe Limited in the UK. He specializes in the application and database security and has more than 5 years of pentesting. Sid has authored a number of whitepapers and tools. He has been a speaker at many security conferences including Blackhat, Defcon, Troopers, OWASP Appsec, Sec-T etc. He also runs the popular IT security blog: www.notsosecure.com

Retrieved from "https://wiki.owasp.org/index.php?title=The_Art_of_Exploiting_SQL_Injections&oldid=185115"