Advanced MySQL Exploitation
- Type
- Video
- Tags
- exploiting, MySQL, SQL injection
- Authors
- Muhaimin Dzulfakar
- Event
- HAR 2009
- Indexed on
- Mar 25, 2013
- URL
- http://ftp.selfnet.de/videos/har2009/259_l2932_Advanced_MySQL_Exploitation.mp4
- File name
- 259_l2932_Advanced_MySQL_Exploitation.mp4
- File size
- 221.4 MB
- MD5
- 23776f580f373c9cfc4cf580ef148bb5
- SHA1
- 796701f3ad865f544f355f7998d6ced7058b80f7
Attackers performing SQL injection on a MySQL platform must deal with several limitations and constraints. For example, the lack of multiple statements in one query makes MySQL an unpopular platform for remote code execution compared to other platforms. This talk will show that arbitrary code execution is possible on the MySQL platform and explain the techniques. In this presentation, the author will demonstrate the tool he wrote, titled MySqloit. This tool can be integrated with metasploit and is able to upload and execute shellcodes using a SQL Injection vulnerability in LAMP or WAMP environments.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
