Loading...

DEFCON 17: Advanced SQL Injection

227,980 views

Loading...

Loading...

Transcript

The interactive transcript could not be loaded.

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Jan 15, 2011

Speaker: Joseph McCray Founder of Learn Security Online

SQL Injection is a vulnerability that is often missed by web application security scanners, and it's a vulnerability that is often rated as NOT exploitable by security testers when it actually can be exploited.

Advanced SQL Injection is a presentation geared toward showing security professionals advanced exploitation techniques for situations when you must prove to the customer the extent of compromise that is possible.

The key areas are:

•IDS Evasion, Web Application Firewall Bypass
•Privilege Escalation
•Re-Enabling stored procedures
•Obtaining an interactive command-shell
•Data Exfiltration via DNS

For more information visit: http://bit.ly/defcon17_information

To download the video visit: http://bit.ly/defcon17_videos

Loading...

When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...