Presentation Material

Abstract

One-Way SQL Hacking: Futility of Firewalls in Web Hacking

Topics covered will be:

Overview of Web attacks One-way attacks SQL Entry points Privilege escalation Installing a web based sql command prompt Back-end Database Enumeration tool

One Way SQL Web Hacking: SQL Web hacking is the next generation of hacking “kung fu.” This talk expands on our previous web talks with new SQL techniques for taking apart an e-commerce site. Join us for an eye-opening demonstration on what can go wrong with poorly secured Web applications, how severe the risks are, and how to protect yourself and your company.

We shall be covering vulnerabilities ranging from web server misconfigurations, improper URL parsing, application level vulnerabilities, Java application server hacking and some special advanced techniques.