Published on January 15th, 2011 📆 | 5574 Views ⚑
0DEFCON 17: Advanced SQL Injection
https://www.ispeech.org/text.to.speech
Speaker: Joseph McCray Founder of Learn Security Online
SQL Injection is a vulnerability that is often missed by web application security scanners, and it's a vulnerability that is often rated as NOT exploitable by security testers when it actually can be exploited.
Advanced SQL Injection is a presentation geared toward showing security professionals advanced exploitation techniques for situations when you must prove to the customer the extent of compromise that is possible.
The key areas are:
•IDS Evasion, Web Application Firewall Bypass
•Privilege Escalation
•Re-Enabling stored procedures
•Obtaining an interactive command-shell
•Data Exfiltration via DNS
For more information visit: http://bit.ly/defcon17_information
To download the video visit: http://bit.ly/defcon17_videos
2011-01-15 12:19:23
source
Gloss