Tuesday, July 3, 2018
Advanced SQL Injection Defcon 17 john Mccray
Advanced SQL Injection Defcon 17 john Mccray
According to OWASP top 10 vulnerabilities of 2010, SQL injection is the most dangerous and most common vulnerability around, A SQL Injection vulnerability occurs due to improper input validation or no input validation at all, what I mean by improper or no input validation is the user input is not filtered(for escape characters) before it gets passed to the SQL database, A Sql injection attack can be any many forms, but its usually categorized into 3 types:
1. Inband
2. Out of band
3. Inferential
n this presentation john Mccray discusses some of advanced SQL Injection methods and topics such as IDS evasion, filter bypassing etc.
a basic tutorial to begin sql injection will be posted soon.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.