SQL Injection to Shell

This will be a demonstration on how to execute OS commands via SQL injection in a web application. This session will cover:

  1. Basic Introduction to SQL Injection.
  2. Demonstration of gaining shell access via SQLi.
  3. Qs and As


Full SQL Injection Tutorial (MySQL) - An ExploitDB paper
Protect Yourself from SQLi Attacks that Create a Backdoor to a Web Server Using MySQL - An article by David Maman
Anatomy of an attack: Gaining Reverse Shell from SQL injection - An article by Shashank
Going from SQL Injection to Reverse Shell Walkthrough - An excellent blog by Travis


Krithika Mutuguppe

Enthusiastically taking baby steps in the field of Information Security. Among several other things that keep me busy and drive me crazy, Carnatic music keeps me calm and sane! ;)


Starts at Saturday June 11 2016, 11:00 AM. The sessions runs for about 1 hour.