Speaker: Muhaimin Dzulfakar Security Consultant, security-assessment.com This talk focuses on how MySQL SQL injection vulnerabilities can be used to gain remote code execution on the LAMP and WAMP environments. Attackers performing SQL injection on a MySQL platform must deal with several limitations and constraints. For example, the lack of multiple statements in one query makes MySQL an unpopular platform for remote code execution compared to other platforms. This talk will show that arbitrary code execution is possible on the MySQL platform and explain the techniques. In this presentation, the author will release a new tool titled MySqloit. This tool can be integrated with metasploit and is able to upload and execute shellcodes using a SQL Injection vulnerability in LAMP or WAMP environments. For more information visit: bit.ly To download the video visit: bit.ly
A continuation of the coffee cup form builder tutorial showing how to create a mysql database for a form. Making a MYSQL Database was created by Mike Lively Director of A&S Instructional Design at Northern Kentucky University NKU.
2 Responses to DEFCON 17: Advanced MySQL Exploitation
Leave a Reply Cancel reply
Categories
Tags
2005 2008 Access Apache Best Build connect Create Creating data database display error Excel from Handson INSERT Install Internet into Introduction learn Microsoft MySQL O'Reilly Oracle page Part phpMyAdmin problem Querying server statement table Tables this Tips Training Tutorial Tutorials Using Video Visual website Windows
This video teaches you crap. Great you set up a database in MySQL and entered your username/password. How do you control which inputs are associated with which fields?
Also where are the align features? You seriously have to just click and drag this stuff around?
u get accent
where u from?