SQL Injection to shell null Bangalore Meet 11 June 2016 null/OWASP/G4H Combined Meet
Abstract
SQL Injection to Shell
This will be a demonstration on how to execute OS commands via SQL injection in a web application. This session will cover:
- Basic Introduction to SQL Injection.
- Demonstration of gaining shell access via SQLi.
- Qs and As
References
Full SQL Injection Tutorial (MySQL) - An ExploitDB paper
Protect Yourself from SQLi Attacks that Create a Backdoor to a Web Server Using MySQL - An article by David Maman
Anatomy of an attack: Gaining Reverse Shell from SQL injection - An article by Shashank
Going from SQL Injection to Reverse Shell Walkthrough - An excellent blog by Travis
Speaker
Enthusiastically taking baby steps in the field of Information Security. Among several other things that keep me busy and drive me crazy, Carnatic music keeps me calm and sane! ;)
Timing
Starts at Saturday June 11 2016, 11:00 AM. The sessions runs for about 1 hour.