November 20, 2012
In this blog I’ll provide a practical example showing how to use the new authorization bypass and database scraper modules we created to gain unauthorized access to credit card data, social security numbers, and passwords stored in SQL Server.
November 5, 2012
For those of you who couldn’t make it to AppSec USA, we’ve put together this blog to provide access to our presentation slides, metasploit modules, and demo videos we released at the conference.
August 16, 2012
Unlike previous versions, SQL Server 2008 and 2012 no longer grant members of the local Administrators group sysadmin rights by default. That was a good move by Microsoft, reinforcing least privilege and separation of duties. However, although their heart was in the right place, the restriction was implemented in such a way that any local administrator (or an attacker who has become one) can bypass it.
November 14, 2011
In this blog I’ll provide a few scripts for finding sensitive data quickly in SQL Server. In the future I'll provide scripts for other attacks as well.
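An added script, written for this page rather than one of the scripts the November 2011 post provides, in the spirit of what it describes: it walks every database the current login can reach, finds columns whose names suggest card numbers, SSNs or passwords (the keyword list is my own choice), and pulls one non-null sample value from each hit so a real finding can be told from a false positive. It assumes SQL Server 2008 or later and needs only read access.

```sql
-- Added example; not one of the original post's scripts. Assumes SQL Server 2008+
-- and a login with read access to the databases it reports on (others are skipped).
SET NOCOUNT ON;

IF OBJECT_ID('tempdb..#hits') IS NOT NULL DROP TABLE #hits;
CREATE TABLE #hits (
    dbname      sysname,
    schemaname  sysname,
    tablename   sysname,
    columnname  sysname,
    datatype    sysname,
    samplevalue nvarchar(4000) NULL
);

-- Column-name patterns to look for (my own list; extend per engagement).
DECLARE @patterns TABLE (pattern nvarchar(50));
INSERT INTO @patterns (pattern) VALUES
  (N'%card%'), (N'%credit%'), (N'%ccn%'),
  (N'%ssn%'), (N'%social%'), (N'%pass%'), (N'%pwd%'), (N'%secret%');

-- Turn the patterns into one OR'ed LIKE clause; QUOTENAME with '' keeps any quote safe.
DECLARE @where nvarchar(max) = N'';
SELECT @where = @where + N' OR c.name LIKE ' + QUOTENAME(pattern, '''') FROM @patterns;
SET @where = STUFF(@where, 1, 4, N'');   -- drop the leading ' OR '

DECLARE @db sysname, @schema sysname, @table sysname, @column sysname;
DECLARE @sql nvarchar(max), @sample nvarchar(4000);

-- Pass 1: catalog search. sys.columns is per database, so it runs once per database.
DECLARE dbs CURSOR LOCAL FAST_FORWARD FOR
    SELECT name FROM sys.databases
    WHERE state_desc = N'ONLINE'
      AND HAS_DBACCESS(name) = 1
      AND name NOT IN (N'master', N'model', N'msdb', N'tempdb');
OPEN dbs;
FETCH NEXT FROM dbs INTO @db;
WHILE @@FETCH_STATUS = 0
BEGIN
    SET @sql = N'INSERT INTO #hits (dbname, schemaname, tablename, columnname, datatype)
                 SELECT ' + QUOTENAME(@db, '''') + N', s.name, t.name, c.name, ty.name
                 FROM ' + QUOTENAME(@db) + N'.sys.columns AS c
                 JOIN ' + QUOTENAME(@db) + N'.sys.tables  AS t  ON t.object_id = c.object_id
                 JOIN ' + QUOTENAME(@db) + N'.sys.schemas AS s  ON s.schema_id = t.schema_id
                 JOIN ' + QUOTENAME(@db) + N'.sys.types   AS ty ON ty.user_type_id = c.user_type_id
                 WHERE (' + @where + N');';
    EXEC sp_executesql @sql;
    FETCH NEXT FROM dbs INTO @db;
END
CLOSE dbs; DEALLOCATE dbs;

-- Pass 2: one non-null sample per hit, so a "password" column holding hashes and one
-- holding plaintext can be told apart. Types that will not convert to text are
-- recorded as unreadable instead of aborting the run.
DECLARE hits CURSOR LOCAL FAST_FORWARD FOR
    SELECT dbname, schemaname, tablename, columnname FROM #hits;
OPEN hits;
FETCH NEXT FROM hits INTO @db, @schema, @table, @column;
WHILE @@FETCH_STATUS = 0
BEGIN
    SET @sql = N'SELECT TOP (1) @s = CONVERT(nvarchar(4000), ' + QUOTENAME(@column) + N')
                 FROM ' + QUOTENAME(@db) + N'.' + QUOTENAME(@schema) + N'.' + QUOTENAME(@table) + N'
                 WHERE ' + QUOTENAME(@column) + N' IS NOT NULL;';
    SET @sample = NULL;
    BEGIN TRY
        EXEC sp_executesql @sql, N'@s nvarchar(4000) OUTPUT', @s = @sample OUTPUT;
    END TRY
    BEGIN CATCH
        SET @sample = N'<unreadable: ' + ERROR_MESSAGE() + N'>';
    END CATCH
    UPDATE #hits SET samplevalue = @sample
    WHERE dbname = @db AND schemaname = @schema AND tablename = @table AND columnname = @column;
    FETCH NEXT FROM hits INTO @db, @schema, @table, @column;
END
CLOSE hits; DEALLOCATE hits;

SELECT dbname, schemaname, tablename, columnname, datatype, samplevalue
FROM #hits
ORDER BY dbname, schemaname, tablename, columnname;
```

Everything user-controlled or catalog-derived goes through QUOTENAME before it is spliced into the dynamic SQL, so an oddly named database or column cannot break the query or turn the search script itself into an injection point. Expect noise from columns such as "passport" or "discard"; the sample column exists precisely so that noise can be discarded quickly.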
September 29, 2011
By default, SQL Server Express ships with many useful options that make it a practical solution to a lot of business problems. However, it also ships with a not-so-great default that could let domain users gain unauthorized access to SQL Server Express instances. In this blog I’ll cover what the issue is, how to attack it, and how to fix it.
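As an added check that is not from this post or from the August 2012 post on local administrators above, the T-SQL below reports whether the built-in Windows logins those two posts concern exist on an instance, whether each is disabled, and whether any of them holds sysadmin. That BUILTIN\Users is the default login the Express post refers to is my assumption, not something this page states; the script only reports, it does not exploit anything, and the one remediation statement is left commented out.

```sql
-- Added audit query, not from the original posts. Assumes SQL Server 2008 or later
-- (sys.server_principals / sys.server_role_members) and a login allowed to read them;
-- without VIEW ANY DEFINITION you see only your own row and the result is incomplete.
-- Logins worth checking after a default install:
--   BUILTIN\Administrators : maps every local administrator to one login
--   NT AUTHORITY\SYSTEM    : LocalSystem; any local administrator can start a process
--                            under it, so whatever rights it holds, they hold too
--   BUILTIN\Users          : (assumption) the Express default the post above refers to;
--                            it maps every local or domain user, so it should not exist
--                            on an instance that is not meant to be open to the domain
SET NOCOUNT ON;

DECLARE @watch TABLE (login_name sysname, why nvarchar(120));
INSERT INTO @watch (login_name, why) VALUES
  (N'BUILTIN\Administrators', N'every local administrator'),
  (N'NT AUTHORITY\SYSTEM',    N'LocalSystem; reachable by any local administrator'),
  (N'BUILTIN\Users',          N'every local or domain user');

DECLARE @sysadmin_id int =
  (SELECT principal_id FROM sys.server_principals WHERE name = N'sysadmin' AND type = 'R');

SELECT w.login_name,
       w.why,
       login_exists = CASE WHEN p.principal_id IS NULL THEN 0 ELSE 1 END,
       is_disabled  = ISNULL(p.is_disabled, 0),
       is_sysadmin  = CASE WHEN rm.member_principal_id IS NULL THEN 0 ELSE 1 END
FROM @watch AS w
LEFT JOIN sys.server_principals AS p
       ON p.name = w.login_name
LEFT JOIN sys.server_role_members AS rm
       ON rm.member_principal_id = p.principal_id
      AND rm.role_principal_id   = @sysadmin_id
ORDER BY w.login_name;

-- What the current connection really has, however it was mapped. Run it once from a
-- local administrator account and once from a process started as LocalSystem; a
-- difference between the two is the gap the August 2012 post is about.
SELECT login_name  = SUSER_SNAME(),
       is_sysadmin = IS_SRVROLEMEMBER('sysadmin'),
       edition     = SERVERPROPERTY('Edition'),
       version     = SERVERPROPERTY('ProductVersion');

-- Remediation for the Express default, once nothing legitimate depends on it.
-- Commented out so the audit stays read-only; run it deliberately as sysadmin.
-- DROP LOGIN [BUILTIN\Users];
```

The membership check joins on the role's principal_id rather than relying on IS_SRVROLEMEMBER for each login, because IS_SRVROLEMEMBER with a login argument only resolves logins that exist, and a missing login is itself one of the answers the first query is meant to give.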
July 19, 2011
This blog illustrates how the OSQL and SQLCMD command-line utilities can be used by malicious users to escalate their privileges through SQL Server and gain unauthorized access to systems and data.
June 6, 2011
We put together a revised version of our "When Databases Attack" presentation based on feedback from the BSides crowd. It includes some new SQL script examples that should be fun to play with.
January 26, 2011
This blog provides an overview of threats and entry points that are commonly leveraged by attackers to gain unauthorized access to databases and systems.
August 16, 2010
Antti Rantasaari and I will be delivering our presentation “Escalating Privileges through Database Trusts” at the National OWASP AppSec conference in Irvine, CA on September 10th. We are very excited to have the opportunity to share some of the common application and database implementation weaknesses we see in the real world.