hacking sql server the best defense is a good offence
Download
Skip this Video
Download Presentation
Hacking SQL Server The best defense is a good offence

Loading in 2 Seconds...

play fullscreen
1 / 21

Hacking SQL Server The best defense is a good offence - PowerPoint PPT Presentation


  • 86 Views
  • Uploaded on

Hacking SQL Server The best defense is a good offence. Learning. User groups Cisco, SQL, Virtualization Conferences GrrCON , SQL Saturday Hands-On Capture the Flag Forensics. RSS Exploit-DB updates SecurityFocus Vuln .. Content on Security Street Twitter @ markrussinovich

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Hacking SQL Server The best defense is a good offence' - marcus


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
learning
Learning
  • User groups
    • Cisco, SQL, Virtualization
  • Conferences
    • GrrCON, SQL Saturday
  • Hands-On
    • Capture the Flag
    • Forensics
  • RSS
    • Exploit-DB updates
    • SecurityFocusVuln..
    • Content on Security Street
  • Twitter
    • @markrussinovich
    • @Wh1t3Rabbit
    • @EggDropX
    • @msftsecurity
initial attack vectors
Initial Attack Vectors
  • Network communication vital

Proxies

Corporate/Windows Firewalls

authentication vs authorization
Authentication vs. Authorization

Problem: Hackers don’t care about Authorization

tools
Tools
  • BackTrack (bt)
      • Bootable, vm, phone
    • Zenmap
    • Metasploit framework
      • 927+ exploits
      • 251+ payloads
      • Meterpreter
    • Social Engineering Toolkit
    • Netdiscover
    • Fasttrack & autopwn
tools new hotness
Tools (NEW HOTNESS)
  • Kali Linux
      • Bootable, vm, phone
    • Metasploit framework
      • 927+ exploits
      • 251+ payloads
      • Meterpreter
    • Social Engineering Toolkit
    • Netdiscover
    • BBQSQL (sql injection)
    • AND MORE!
meterpreter payload
Meterpreter Payload
  • Interesting Commands
    • Getuid
    • GetSystem
    • Ps
    • kill
    • Migrate
    • Shell
    • Hashdump
    • Webcam_snap
    • clearev
patches and misconfigurations
Patches and Misconfigurations
  • If you are not patching, no reason for pen testing
  • Don’t forget 3rd party utilities
  • Peer review servers
  • cleanup
misconfigurations
Misconfigurations
  • Blank or weak ‘sa’ password
  • Default 3rd party passwords
  • Accidental administrators(Dev)
  • Over privileged services(System)
  • Extra un-used services(Writer)
  • Extra un-used protocols (SQL Auth)
patches
Patches
  • Reversing patches is common practice
    • Midi file buffer overflow exploited in wild 16 days after the patch
  • Common msf exploits used MSYY- naming convention
  • CVE – common vulnerabilities and exposures
  • Know unsupported dates
layers
Layers
  • Layers that still work
    • Firewalls
    • Strong Passwords
    • Antivirus
    • Patches
    • Group Policy
    • Log Monitoring
    • Least privilege
    • Audits and Testing
  • DR
    • Did someone say zombies?
roadblock
Roadblock
  • Don’t be a disabler for business.
slide20
Q&A
  • Other hacks?
    • ‘ OR 1=1; -- Create table, insert web.config
    • Browser based attacks
    • The next MS08_067
  • Review whiteboarding
ad