Rapid Blind SQL Injection Exploitation with BBQSQL

Presented at DerbyCon 2.0 Reunion (2012), Sept. 28, 2012, 8:30 p.m. (30 minutes)

Blind SQL injection can be a pain in the ass. Tools that help you exploit Blind SQL injection can also be a pain in the ass. bbqSQL is juicy and sweet and will make all of your BSQLI worries fade away. This talk will cover some of the basics of SQL injection as well as Blind SQLi. The talk will also cover at length some of the features of the new tool and will show folks how it's done.


Presenters:

  • Scott Behrens
  • Ben Toews (mastahyeti)
    Ben Toews is a security consultant and researcher for Neohapsis. He specializes in application and network pentesting. Previously, Ben has worked as a sysadmin and developer, hacking only on the side until now. Ben recently talked at Thotcon 0x3 and was published in HITB magazine for his research on reverse shell traffic obfuscation. Ben’s work is frequently published in the Neohapsis Labs’ blog. Ben has a BS in Information Assurance and Security Engineering from DePaul University.
