3 Days Left to Get an iPad Air w/ Smart Keyboard, Surface Go, or $300 Off with OnDemand or vLive Training thru 8/21!


To attend this webcast, login to your SANS Account or create your Account.

A Practical Introduction into How to Exploit Blind Vulnerabilities

  • Tuesday, December 11th, 2018 at 10:30 AM EST (15:30:00 UTC)
  • Chris Dale
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!


In this webcast, Chris will be doing a demonstration-based webcast, that is, no PowerPoint! We will be doing an in-depth explanation and exploitation of blind vulnerabilities.

First, we will look at user enumeration vulnerabilities, and specifically using timing attacks. Especially prominent when companies have implemented bcrypt/scrypt/pbkdf#2. An attack vector which is very useful in many cases today, notably against Lync/Skype4B installations which are currently vulnerable to this issue. Furthermore, we will look at password spraying attacks to get a foothold into the target systems.

Once inside we'll look at some very common problems penetration testers face today, everything is blind! Meaning your attacks dont give an immediate feedback that they are working, we'll have to look at other means to discover success. We're basically flying blind.

We will discover, analyze and fully exploit weaknesses that serve into command injection, and eventually a reverse-shell on a Windows server. Then, how can we find these in automated manners, and across huge systems? How does vulnerability scanners manage to discover such weaknesses, and how can they conclude weaknesses? We will introduce the Burp Collaborator and scripts to aid in using the Collaborator against attack vectors otherwise hard to successfully exploit.

Finally, we'll look into how to discover, analyze and fully exploit blind SQL injections. We'll be utilizing the Burp Intruder to compromise the database, leveraging blind exploitation techniques to exfiltrate data.

Chris Dale is a SANS Instructor and teaches our most popular training course, SANS SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling all throughout the EMEA region.

Speaker Bio

Chris Dale

Chris Dale is a SANS certified instructors and is currently teaching courses on Incident Response and Penetration Testing. He is the head of both Incident Response and Penetration Testing at Netsecurity, a company which serves a multitude of customers within networking, security operations, IR, and Penetration Testing.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.