[sqlmap-users] sqlmap 0.7 to be released at Black Hat Europe 2009
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] sqlmap 0.7 to be released at Black Hat Europe 2009
|
From: Bernardo D. A. G. <ber...@gm...> - 2009-04-03 21:56:37
|
Hi, I have been selected as a speaker[1] for Black Hat Europe 2009 Briefings[2]! I am scheduled[3] to talk on April 16 at 12:00. My presentation is titled "Advanced SQL Injection exploitation to operating system full control" and the abstract is as follows: --8<-- Over ten years have passed since a famous hacker coined the term "SQL injection" and it is still considered one of the major web application threats, affecting over 70% of web application on the Net. A lot has been said on this specific vulnerability, but not all of the aspects and implications have been uncovered, yet. It's time to explore new ways to get complete control over the database management system's underlying operating system through a SQL injection vulnerability in those over-looked and theoretically not exploitable scenarios: From the command execution on MySQL and PostgreSQL to a stored procedure's buffer overflow exploitation on Microsoft SQL Server. These and much more will be unveiled and demonstrated with my own tool's [sqlmap] new version that I will release at the Conference. --8<-- The Conference will take place on April 14 - 17, 2009 at Moevenpick Hotel City Centre in Amsterdam (The Netherlands), don't miss it if you can! [1] http://www.blackhat.com/html/bh-europe-09/bh-eu-09-speakers.html#Damele [2] http://www.blackhat.com/html/bh-europe-09/bh-eu-09-main.html [3] http://www.blackhat.com/html/bh-europe-09/bh-eu-09-schedule.html Cheers, -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobiles: +447788962949 (UK), +393493821385 (IT) PGP Key ID: 0x05F5A30F |
