ha.ckers sla.cking
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
The Art of Exploiting Injection Flaws
Posted by: notsosecure
Date: April 15, 2013 07:58AM

The popular course on Injection Flaws will return to Las Vegas at Black Hat 2013.

More details can be found here:

Some of the new additions to the course are:

Oracle SQLi: how to execute OS code, how to do priv esc from a web app, OOB extraction. Examples of Burp Pro missing SQLi. Injection in ORDER BY/GROUP BY, 2nd order injection, etc.

XPath: We will show a new attack with which you can not just read any arbitrary XML file on the system but any file with any extension.
LDAP: some really good examples of auth bypass and a blind LDAP tool.
XXE: not too new stuff, but good pointers on where to look for these.
Direct code injection: examples of recent Ruby on Rails and other framework issues such as expression query language injection, etc.

