1 / 21

Hacking SQL Server The best defense is a good offence

In today's cyber landscape, understanding SQL Server security is critical for safeguarding sensitive data. This comprehensive guide dives into the best defense strategies against hacking threats, focusing on proactive measures and essential tools. Gain insights from user groups, conferences like GrrCON and SQL Saturday, and hands-on Capture the Flag experiences. Learn about attack vectors, essential hacking tools such as Metasploit and Kali Linux, and the importance of patching and misconfiguration cleanup to thwart unauthorized access. Elevate your security game today!

marcus
Télécharger la présentation

Hacking SQL Server The best defense is a good offence

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Hacking SQL ServerThe best defense is a good offence

  2. Learning • User groups • Cisco, SQL, Virtualization • Conferences • GrrCON, SQL Saturday • Hands-On • Capture the Flag • Forensics • RSS • Exploit-DB updates • SecurityFocusVuln.. • Content on Security Street • Twitter • @markrussinovich • @Wh1t3Rabbit • @EggDropX • @msftsecurity

  3. Initial Attack Vectors • Network communication vital Proxies Corporate/Windows Firewalls

  4. Authentication vs. Authorization Problem: Hackers don’t care about Authorization

  5. Tools • BackTrack (bt) • Bootable, vm, phone • Zenmap • Metasploit framework • 927+ exploits • 251+ payloads • Meterpreter • Social Engineering Toolkit • Netdiscover • Fasttrack & autopwn

  6. Tools (NEW HOTNESS) • Kali Linux • Bootable, vm, phone • Metasploit framework • 927+ exploits • 251+ payloads • Meterpreter • Social Engineering Toolkit • Netdiscover • BBQSQL (sql injection) • AND MORE!

  7. Meterpreter Payload • Interesting Commands • Getuid • GetSystem • Ps • kill • Migrate • Shell • Hashdump • Webcam_snap • clearev

  8. Demo – Information Gathering & Exploit

  9. Patches and Misconfigurations • If you are not patching, no reason for pen testing • Don’t forget 3rd party utilities • Peer review servers • cleanup

  10. Misconfigurations • Blank or weak ‘sa’ password • Default 3rd party passwords • Accidental administrators(Dev) • Over privileged services(System) • Extra un-used services(Writer) • Extra un-used protocols (SQL Auth)

  11. Patches • Reversing patches is common practice • Midi file buffer overflow exploited in wild 16 days after the patch • Common msf exploits used MSYY- naming convention • CVE – common vulnerabilities and exposures • Know unsupported dates

  12. Layers • Layers that still work • Firewalls • Strong Passwords • Antivirus • Patches • Group Policy • Log Monitoring • Least privilege • Audits and Testing • DR • Did someone say zombies?

  13. Roadblock • Don’t be a disabler for business.

  14. Openwall & pastebin

  15. PaSsW0rD

  16. PaSsW0rD

  17. PaSsW0rD

  18. PaSsW0rD

  19. Back to DemoPost Carnage Analysis

  20. Q&A • Other hacks? • ‘ OR 1=1; -- Create table, insert web.config • Browser based attacks • The next MS08_067 • Review whiteboarding

  21. Review

More Related