SQL injection with sqlmap

Presented at DerbyCon 3.0 All in the Family (2013), Sept. 28, 2013, 10 a.m. (50 minutes)

When hacking websites, SQL injection is a very popular way read or change data that you’re not supposed to have access to. Sqlmap is a powerful and free tool that enables you to find and exploit SQL injection vulnerabilities. Come see how to use sqlmap to attack websites and control databases (but only for the forces of good, please).

Presenters:

• Conrad Reynolds CISA
  Conrad has held a variety of positions in IT Audit, Application Development, Management, and Web Security in Fortune 50, non-profit,and government sectors. He has been implementing and advising on IT security solutions for several years. He currently hacks government web apps for a living.

Similar Presentations:

• DEF CON 10 (2002) / SQL Injection
• DerbyCon 2.0 Reunion (2012) / SQL Injection 101
• DEF CON 20 (2012) / Rapid Blind SQL Injection Exploitation with BBQSQL