homepage
Open menu
Contact Sales

Secrets of Exploiting Blind SQL Injection

  • Wednesday, 30 Apr 2014 1:00PM EDT (30 Apr 2014 17:00 UTC)
  • Speaker: Justin Searle
Join us for a follow up to the \Secrets of Exploiting" series, a series ofwebcasts giving you sneak peaks into one of hottest new SANS classes,SEC642: Advanced Web App Penetration Testing and Ethical Hacking. In thiswebcast, we'll take a deeper look at how to exploit blind SQL injectionvulnerabilities. Since blind SQL vulnerabilities do not inherently returndata from the database, we have to find other ways to retrieve the data wewant. This webcast will discuss how we can overcome these limitationsthrough four different exfiltrate methods including single line retrieval,error messages, boolean indicators, and attacker controlled timing delays.More importantly, we'll show you how this can be automatically done withsqlmap so you don't have to become a DBA to launch these types of attacks.""
Login to Register

Related Content

Blog
N2C_blog_image.png
Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, CyberLive, Workforce Development, Career Development, Why Certify, Imposter Syndrome, NetWars, Mentorship, Job Hunting, Operating System & Device In-Depth, Artificial Intelligence (AI)
A Visual Summary of SANS New2Cyber Summit 2024
Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024
370x370-person-placeholder.png
Alison Kim
read more
Blog
HackFest_blog_image.png
Offensive Operations, Pen Testing, and Red Teaming, Open-Source Intelligence (OSINT), Penetration Testing and Red Teaming
A Visual Summary of SANS HackFest Summit
Check out these graphic recordings created in real-time throughout the event for SANS HackFest Summit 2023
370x370-person-placeholder.png
Alison Kim
read more
Blog
Offensive Operations, Pen Testing, and Red Teaming, Penetration Testing and Red Teaming
SEC670 Prep Quiz Answers
Answers for the SEC670 Prep Quiz. For more details about the course and the quiz, please clickthrough to see the quiz article.
370x370_jonathan-reiter.jpg
Jonathan Reiter
read more