hacking sql server the best defense is a good offence n.
Download
Skip this Video
Download Presentation
Hacking SQL Server The best defense is a good offence

Loading in 2 Seconds...

play fullscreen
1 / 21

Hacking SQL Server The best defense is a good offence - PowerPoint PPT Presentation


  • 86 Views
  • Uploaded on

Hacking SQL Server The best defense is a good offence. Learning. User groups Cisco, SQL, Virtualization Conferences GrrCON , SQL Saturday Hands-On Capture the Flag Forensics. RSS Exploit-DB updates SecurityFocus Vuln .. Content on Security Street Twitter @ markrussinovich

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Hacking SQL Server The best defense is a good offence' - marcus


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
learning
Learning
  • User groups
    • Cisco, SQL, Virtualization
  • Conferences
    • GrrCON, SQL Saturday
  • Hands-On
    • Capture the Flag
    • Forensics
  • RSS
    • Exploit-DB updates
    • SecurityFocusVuln..
    • Content on Security Street
  • Twitter
    • @markrussinovich
    • @Wh1t3Rabbit
    • @EggDropX
    • @msftsecurity
initial attack vectors
Initial Attack Vectors
  • Network communication vital

Proxies

Corporate/Windows Firewalls

authentication vs authorization
Authentication vs. Authorization

Problem: Hackers don’t care about Authorization

tools
Tools
  • BackTrack (bt)
      • Bootable, vm, phone
    • Zenmap
    • Metasploit framework
      • 927+ exploits
      • 251+ payloads
      • Meterpreter
    • Social Engineering Toolkit
    • Netdiscover
    • Fasttrack & autopwn
tools new hotness
Tools (NEW HOTNESS)
  • Kali Linux
      • Bootable, vm, phone
    • Metasploit framework
      • 927+ exploits
      • 251+ payloads
      • Meterpreter
    • Social Engineering Toolkit
    • Netdiscover
    • BBQSQL (sql injection)
    • AND MORE!
meterpreter payload
Meterpreter Payload
  • Interesting Commands
    • Getuid
    • GetSystem
    • Ps
    • kill
    • Migrate
    • Shell
    • Hashdump
    • Webcam_snap
    • clearev
patches and misconfigurations
Patches and Misconfigurations
  • If you are not patching, no reason for pen testing
  • Don’t forget 3rd party utilities
  • Peer review servers
  • cleanup
misconfigurations
Misconfigurations
  • Blank or weak ‘sa’ password
  • Default 3rd party passwords
  • Accidental administrators(Dev)
  • Over privileged services(System)
  • Extra un-used services(Writer)
  • Extra un-used protocols (SQL Auth)
patches
Patches
  • Reversing patches is common practice
    • Midi file buffer overflow exploited in wild 16 days after the patch
  • Common msf exploits used MSYY- naming convention
  • CVE – common vulnerabilities and exposures
  • Know unsupported dates
layers
Layers
  • Layers that still work
    • Firewalls
    • Strong Passwords
    • Antivirus
    • Patches
    • Group Policy
    • Log Monitoring
    • Least privilege
    • Audits and Testing
  • DR
    • Did someone say zombies?
roadblock
Roadblock
  • Don’t be a disabler for business.
slide20
Q&A
  • Other hacks?
    • ‘ OR 1=1; -- Create table, insert web.config
    • Browser based attacks
    • The next MS08_067
  • Review whiteboarding