From BruCON 2016
The Art of Exploiting Injection Flaws by Sumit Siddharth
OWASP rates injection flaws as the most critical vulnerability within the Top 10 most Critical Web Application Security Risks under the OWASP Top 10 project.
This hands-on session focuses only on injection flaws, and attendees will get an in-depth understanding of the flaws arising from this vulnerability. The topics covered in the class are:
- SQL Injection
- XPATH Injection
- LDAP Injection
- Hibernate Query Language Injection
- Direct OS Code Injection
- XML Entity Injection
During the 2-day course, attendees will have access to a number of challenges for each flaw and will learn a variety of exploitation techniques used by attackers in the wild. Identify, extract, escalate, execute; we have got it all covered. The following are the objectives of the course:
- Understand the problem of Injection Flaws
- Learn a variety of advanced exploitation techniques which hackers use.
- Learn how to fix these problems.
What Students Will Be Provided
- Student hand-outs
- Tools/scripts (some public and some not so public)
Who should attend
- Web Application Developers
- Web Application Security Consultants
- Penetration Testers
- Anyone who wants to take their skills to the next level
What to Expect
- Shells popping
- Advanced data exfiltration techniques.
- Advanced exploitation (some neat, new and ridiculous hacks).
- Some insane examples of code which appears secure but is not.
What Students Should Bring
Students must bring their own laptop with the Windows operating system installed (either natively or running in a VM). Further, students must have administrative access to perform tasks like installing software, disabling antivirus, etc. Devices which don't have an Ethernet connection (e.g. MacBook Air, tablets, etc.) are not supported. Prior knowledge of database systems and the SQL language will be an added advantage, but it's not a strict requirement.
Sumit "sid" Siddharth is a well-known figure in the IT security industry. He specializes in application and database security and has more than 8 years of pentesting experience. Sid has authored a number of whitepapers and tools. He has been a speaker/trainer at many security conferences including Black Hat, DEF CON, Troopers, OWASP AppSec, HITB, etc. He also runs the popular IT security blog www.notsosecure.com. Sid is also a contributing author to the book SQL Injection: Attacks and Defense (2nd Edition). Sid holds both CREST qualifications (Application and Infrastructure). Over the years, Sid has identified several critical flaws in leading software and helped fix these bugs. These include products from Microsoft, Oracle, Intel, WordPress, etc.
24 & 25 September (09:00 - 17:00)