The Making of the Second SQL Injection Worm

Presented at DEF CON 17 (2009), Aug. 1, 2009, 3 p.m. (20 minutes)

This "turbo" talk focuses on exploiting SQL injection in web applications with an Oracle back-end. Exploitation of Oracle SQL injection in web applications is widely considered to be restricted to extraction of data only: the Oracle database does not offer attacker-friendly functionality such as Microsoft SQL Server's OPENROWSET or xp_cmdshell for privilege escalation and O.S. code execution. Further, because the web APIs do not support execution of multiple queries in a single statement (stacked queries), exploitation is restricted still further. The talk highlights attack vectors that achieve privilege escalation (from SCOTT to SYS) and O.S. code execution by exploiting Oracle SQL injection in web applications. Finally, there will be a demo of how a worm could target an Oracle back-end just as the first SQL injection worm targeted SQL Server applications.


Presenters:

  • Sumit Siddharth / sid - IT Security Consultant
    Sumit "sid" Siddharth works as a senior IT security consultant for Portcullis Computer Security in the UK. He has been a speaker at many security conferences including Troopers, OWASP Appsec and IT Underground. He also runs the popular IT security blog www.notsosecure.com.
