Microsoft SQL Server Post-Exploitation - When Databases Attack
Microsoft SQL Server is a common foothold into most environments vulnerable to SQL injection attacks, or into development environments where database passwords are easily harvested. Many methodologies exist for performing a pen-test where SQL has been a point of compromise, but none of them suggest operating entirely inside SQL to conduct further attacks against the environment. A fully compromised instance of MS-SQL is the quintessential example of a single compromise posing significant risk to an environment, one where the attacker can operate with an exceptional level of stealth. This talk demonstrates the usefulness of MS-SQL as an attack platform, as well as the useful information and features provided through SQL's extended stored procedure functionality using custom code.
Rob 'whitey' Beck
Rob is a security consultant for Casaba Security LLC. He has previously worked at Attack Research, Honeywell International, Microsoft Corporation, and @stake LLC. Rob is a career pen-tester and security researcher specializing in attack methodology, vulnerability research, and evasion techniques.