SQL Security Revisited

Black Hat via YouTube

Overview

This course teaches SQL security by revisiting various aspects of SQL Server security. The learning outcomes include understanding SQL Server service context, security modes, roles, auditing, and potential pitfalls like source code disclosure and privilege escalation. The course covers skills such as SQL scanning, account acquisition, and defense mechanisms against SQL injection. The teaching method involves presentations, live demonstrations, and practical examples. The intended audience includes cybersecurity professionals, database administrators, and individuals interested in enhancing their SQL security knowledge.

Syllabus

Intro
Presentation Outline
Presence
Security Framework
Net Libraries
SQL Server Service Context
SQL Server Security Modes (cont.)
Good Idea - What's the problem? • Microsoft recommends Windows Authentication Mode
Mode Guidelines
SQL Server Roles
C2 Level Auditing
Some Other SQL 2K Goodies
The Bad
Target Acquisition
Newsgroups
SQL Scanning
Broadcast Discovery
SQL Server Discovery
SQL Ping Utility
Account Acquisition (cont.)
Source Code Disclosure
Privilege Escalation (cont.)
Other Potential Pitfalls
They're in - Now What?
Your Defenses
Section 2 Conclusion
The Ugly
Scope of SQL Injection
SQL Injection Example 2
Live Demonstration
SQL Injection Samples
SQL Injection - Tricks

Taught by

Black Hat
