sqlmap-users

[sqlmap-users] SQL injection exploitation internals presentation

[Bernardo D. A. G. <ber...@gm...>]

Hi,

yesterday I gave a presentation titled "SQL injection exploitation
internals: How do I exploit this web application injection point?" to my
colleagues at my Company third internal conference.

The presentation has a preamble on SQL injection definition, sqlmap and
its features then I presented common and uncommon problems and
respective solutions with examples that a penetration tester or a SQL
injection tool developer faces when he wants to take complete advantage
of any kind of web application SQL injection flaw on real world web
applications.

I think that it is worth a read also for others so I put the slides
online on SlideShare at
http://www.slideshare.net/inquis/sql-injection-exploitation-internals-presentation

Cheers,
-- 
Bernardo Damele A. G.

E-mail / Jabber: bernardo.damele (at) gmail.com
Mobiles: +39-3493821385 (IT), +44-(0)7788962949 (UK)
PGP Key ID: 0x05F5A30F

Re: [sqlmap-users] SQL injection exploitation internals presentation

[Bedirhan U. <bed...@gm...>]

Hi Bernardo,
An internal conference. sounds good. I've looked at the slides, you should
have mentioned about the sqlibench
<http://code.google.com/p/sqlibench> and give
a small amount of info on how sqlmap performs against other injectors...
cheers,
bedirhan


2009/1/10 Bernardo Damele A. G. <ber...@gm...>

> Hi,
>
> yesterday I gave a presentation titled "SQL injection exploitation
> internals: How do I exploit this web application injection point?" to my
> colleagues at my Company third internal conference.
>
> The presentation has a preamble on SQL injection definition, sqlmap and
> its features then I presented common and uncommon problems and
> respective solutions with examples that a penetration tester or a SQL
> injection tool developer faces when he wants to take complete advantage
> of any kind of web application SQL injection flaw on real world web
> applications.
>
> I think that it is worth a read also for others so I put the slides
> online on SlideShare at
>
> http://www.slideshare.net/inquis/sql-injection-exploitation-internals-presentation
>
> Cheers,
> --
> Bernardo Damele A. G.
>
> E-mail / Jabber: bernardo.damele (at) gmail.com
> Mobiles: +39-3493821385 (IT), +44-(0)7788962949 (UK)
> PGP Key ID: 0x05F5A30F
>
>
>
> ------------------------------------------------------------------------------
> Check out the new SourceForge.net Marketplace.
> It is the best place to buy or sell services for
> just about anything Open Source.
> http://p.sf.net/sfu/Xq1LFB
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>



-- 
Bedirhan Urgun
http://www.webguvenligi.org
http://www.owasp.org/index.php/Turkey

Türkçe Web Uygulama Güvenliği E-Posta Listesine üye olmak için:
https://lists.owasp.org/mailman/listinfo/owasp-turkey