filmov
tv
DEF CON 32 - SQL Injection Isn't Dead Smuggling Queries at the Protocol Level - Paul Gerste
Показать описание
SQL injections seem to be a solved problem; databases even have built-in support for prepared statements, leaving no room for injections. In this session, we will go a level deeper: instead of attacking the query syntax, we will explore smuggling attacks against database wire protocols, through which remote, unauthenticated attackers can inject entire (No)SQL statements into an application's database connection.
Using vulnerable database driver libraries as case studies, we will bring the concept of HTTP request smuggling to binary protocols. By corrupting the boundaries between protocol messages, we desynchronize an application and its database, allowing the insertion of malicious messages that lead to authentication bypasses, data leakage, and remote code execution.
To put our findings into context, we will explore the real-world applicability of this new concept by comparing how robust various languages and frameworks are against these attacks. We will also discuss how smuggling attacks are not specific to database wire protocols but affect all kinds of binary protocols, from databases over message queues to caching. We will end the session with inspirations for future research to explore the topic further.
Using vulnerable database driver libraries as case studies, we will bring the concept of HTTP request smuggling to binary protocols. By corrupting the boundaries between protocol messages, we desynchronize an application and its database, allowing the insertion of malicious messages that lead to authentication bypasses, data leakage, and remote code execution.
To put our findings into context, we will explore the real-world applicability of this new concept by comparing how robust various languages and frameworks are against these attacks. We will also discuss how smuggling attacks are not specific to database wire protocols but affect all kinds of binary protocols, from databases over message queues to caching. We will end the session with inspirations for future research to explore the topic further.
0:38:14
DEF CON 32 - SQL Injection Isn't Dead Smuggling Queries at the Protocol Level - Paul Gerste
0:21:59
DEF CON 32 - Atomic Honeypot-A MySQL Honeypot That Drops Shells - Alexander Rubin, Martin Rakhmanov
0:25:09
DEF CON 32 -Ticking SQLi - Iggy
0:42:37
DEF CON 32 - Listen to the Whispers: Web Timing Attacks that Actually Work - James Kettle
0:40:07
DEF CON 32 - Got 99 problems but prompt injection ain't pineapple - Chloé Messdaghi, Kasimir S...
0:21:12
DEF CON 32 - Hacking Corporate Banking for Fun and Profit - niks, Charles Waterhouse
0:08:04
SQL Injection Hacks You Won't Believe Are Possible#sqlinjection #sql #sqlite3 #database #creden...
0:43:55
SQL Injection
0:38:59
DEF CON 32 - Behind Enemy Lines: Engaging and Disrupting Ransomware Web Panel - Vangelis Stykas
0:41:06
SQL Injection
0:32:44
#HITB2023HKT D1T1 - Injecting Brains Into Blind SQL Injection - Jakub Pruzinec & Quynh Anh Nguye...
2:31:13
IWC Pre DefCon 32 Mini-CTF
1:15:08
Intro to SQL Injection
0:50:49
Top War Stories from a Try Hard Bug Bounty Hunter, Rhynorater | Bug Bounty Village, DEF CON 32
0:51:46
From Easy Wins to Epic Challenges: Bounty Hunter Edition | Bug Bounty Village, DEF CON 32
0:00:17
Windows cmd cool tricks | fun cmd windows 10 11
0:47:07
DEF CON 25 - Chris Thompson - MS Just Gave the Blue Team Tactical Nukes
0:44:57
SQL Tutorial for Beginners
0:45:03
DEF CON Safe Mode - ayoul3 - Only Takes a Spark Popping a Shell on 1000 Nodes
0:24:25
you need to learn SQL RIGHT NOW!! (SQL Tutorial for Beginners)
0:00:38
How to Speed Up Slow Windows 10 PC or Laptop
0:00:48
SQL FROM Clause Explained: How to Select Data Like a Pro!
1:01:52
Automating Boolean SQL Injection and Evading Filters
0:01:50
DevOps & SysAdmins: Installing SQL Server 2008 32bit on 64bit : WoW64 error
Комментарии