Ethical Hacking: SQL Injection
Pluralsight is not an official partner or accredited training center of EC-Council. This course goes through how to detect SQL injection and identify risks as you to become an ethical hacker with a strong SQL injection understanding.
What you'll learn
Pluralsight is not an official partner or accredited training center of EC-Council. Ever since we started connecting websites to databases, SQL injection has been a serious security risk with dire ramifications. The ability for attackers to run arbitrary queries against vulnerable systems can result in data exposure, modification, and in some cases, entire system compromise. SQL injection is classified as the number one risk on the web today due to the "perfect storm" of risk factors. It's very easily discoverable, very easily exploited, and the impact of a successful attack is severe. Add to that the fact that injection risks remain rampant, it's clear how it deserves that number one spot. This course takes you through everything from understanding the SQL syntax used by attackers, basic injection attacks, database discovery and data exfiltration, advanced concepts, and even using injection for network reconnaissance and running system commands. It's everything an ethical hacker needs to know to be effective in identifying the SQL injection risk in target systems. This course is part of the Ethical Hacking Series. http://blog.pluralsight.com/learning-path-ethical-hacking
Table of contents
- Overview 3m
- Understanding the Union Operator 3m
- Executing Union Injection 11m
- Manual Database Structure Discovery with Error-based Injection 6m
- Querying System Objects for Schema Discovery 3m
- Extracting Schema Details with Union Injection 5m
- Enumerating Result Sets with Sub-queries 6m
- Extracting Schema Details with Error-based Injection 7m
- Summary 2m
- Overview 2m
- Basic and Blind Attack Success Criteria 4m
- Understanding a Blind Attack 4m
- Applying Boolean Based Injection 4m
- Constructing Yes and No Questions for Boolean Based Injection 8m
- Enumerating via ASCII Values 9m
- Where Time Based Injection Makes Sense 2m
- Understanding the WAITFOR DELAY Command 2m
- Constructing a Time Based Attack 9m
- Summary 2m
- Overview 3m
- Database Server Feature Comparison 7m
- Establishing Account Identity and Rights 5m
- Enumerating Other Databases on the System 5m
- Creating Database Logins 5m
- Extracting Passwords from SQL Server Hashes 4m
- Replicating a Table Using OPENROWSET 5m
- Executing Commands on the Operating System 5m
- SQL Injection for Network Reconnaissance 2m
- Summary 3m
- Overview 2m
- Implement Proper Error Handling 3m
- Validating Untrusted Data 5m
- Query Parameterization 5m
- Stored Procedures 4m
- Object Relational Mappers 4m
- The Principle of Least Privilege 8m
- Isolating the Database Network Segment 4m
- Using an IDS or WAF 5m
- Keeping Software Patched and Current 3m
- Summary 3m
About the author
Troy Hunt is a Microsoft Regional Director and MVP for Developer Security, an ASPInsider, and a full time Author for Pluralsight—a leader in online training for technology and creative professionals. Troy has been building software for browsers since the very early days of the web and possesses an exceptional ability to distill complex subjects into relatable explanations. This has led Troy to become an industry thought leader in the security space and produce more than twenty top-rated courses ... more