sqlmap - “One Tiny Step At a Time”
Miroslav Stampar
(miroslav@sqlmap.org)
Bsides Chile Security Conference November 07th, 2020
“Everything can be achieved through
gradual steps – one small step at a time:
overcoming fears, fulfilling dreams... anything
you wish to be different from the way it is.”
A.J. Darkholme, Rise of the Morningstar
Leitmotif (/ˌlaɪtmoʊˈtiːf/)
TODO:
Short project introduction (I)
• Free and open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database server(s)
• Written in Python (2 & 3)
• 14 years old (July 25th 2006)
• 2 authors / core developers (Bernardo Damele and Miroslav Stampar)
• 100% accuracy and 0% false-positives by WAVSEP benchmark of 64 Web Application Scanners (sectoolmarket.com)
Short project introduction (II)
• 32 supported DBMSes (MySQL, MsSQL, etc.)
• 6 supported SQLi techniques (boolean-based blind, error-based blind, etc.)
• > 4,000 user-reported issues closed in the last 8 years (since switching from SourceForge SVN to GitHub Git)
• > 9,500 commits (from the beginning)
• > 72,000 LoC (Lines of Code)
• > 1,000 repository clones per day
• > 7,500 daily unique web visitors (sqlmap.org)
• > 1,500 daily unique web visitors (github.com)
Short project introduction (III)
Short project introduction (IV)
Short project introduction (V)
Baby steps (I)
Baby steps (II)
Baby steps (III)
Baby steps (IV)
Baby steps (V)
“Continuous integration” (I)
“Continuous integration” (II)
Smoke testing (I)
Smoke testing (II)
Vuln testing (I)
Vuln testing (II)
Vuln testing (III)
Testbed (I)
Testbed (II)
Testbed (III)
sqlmapreporter (I)
sqlmapreporter (II)
sqlmapreporter (III)
sqlmapreporter (IV)
Latest “tiny step” (I)
• JSON aggregation across 4 major DBMSes (MySQL, Oracle, MsSQL and PostgreSQL)
• Putting whole query result into a JSON array
• ?id=1 UNION ALL SELECT NULL,NULL,CONCAT('qqkzq',JSON_ARRAYAGG(CONCAT_WS('aitagt',address,birthday,cc,email,id,name,occupation,password,phone)),'qbkkq'),NULL,NULL,NULL FROM testdb.users-- -
• Effectively reducing table dumps to a single query (if supported by the target)
• Prerequisite is that UNION-query SQLi has to be usable (Note: even partial is enough)
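A detection-side view of the request shown on this slide, as an added example that is not part of the original slides or of sqlmap's code: it scans access-log lines for UNION-query injections that use JSON aggregation and reports which table and columns a single request covered. The log format, client addresses, endpoint path and the list of JSON aggregation constructs are assumptions; the payload is the one from the slide.

```python
import re
from urllib.parse import quote, unquote_plus

REQUEST = re.compile(r'"(?:GET|POST|PUT|HEAD) (?P<target>\S+) HTTP/[\d.]+"')
UNION_SELECT = re.compile(r"\bUNION\s+(?:ALL\s+)?SELECT\b", re.I)
# Assumed list of JSON aggregation constructs for MySQL, Oracle, PostgreSQL
# and MsSQL; not taken from sqlmap's source.
JSON_AGG = re.compile(
    r"\b(?:JSON_ARRAYAGG|JSON_OBJECTAGG|JSON_AGG|JSONB_AGG)\s*\(|\bFOR\s+JSON\b",
    re.I,
)
CONCAT_WS = re.compile(r"\bCONCAT_WS\s*\(\s*'[^']*'\s*,([^()]*)\)", re.I)
FROM_TABLE = re.compile(r"\bFROM\s+([\w.$]+)", re.I)
LITERAL = re.compile(r"'([^']*)'")
INLINE_COMMENT = re.compile(r"/\*.*?\*/", re.S)


def normalize(raw_query):
    """Undo up to three layers of URL encoding, drop inline SQL comments
    and collapse whitespace so the patterns see one canonical form."""
    text = raw_query
    for _ in range(3):
        decoded = unquote_plus(text)
        if decoded == text:
            break
        text = decoded
    text = INLINE_COMMENT.sub(" ", text)
    return re.sub(r"\s+", " ", text)


def analyze(line):
    """Return exposure details for one log line, or None if it is not a
    UNION-query request that uses JSON aggregation."""
    match = REQUEST.search(line)
    if not match:
        return None
    query = normalize(match.group("target").partition("?")[2])
    # Both conditions are required: UNION SELECT alone also matches
    # ordinary search phrases.
    if not (UNION_SELECT.search(query) and JSON_AGG.search(query)):
        return None
    columns = CONCAT_WS.search(query)
    table = FROM_TABLE.search(query)
    return {
        "client": line.split()[0],
        "table": table.group(1) if table else None,
        "columns": [c.strip() for c in columns.group(1).split(",")] if columns else [],
        # Delimiter strings from the request; the same strings bracket the
        # data in the HTTP response, so they can be searched for in captures.
        "markers": LITERAL.findall(query),
    }


def scan(lines):
    return [hit for hit in map(analyze, lines) if hit]


# Payload exactly as printed on the slide (value of the id parameter).
SLIDE_PAYLOAD = (
    "1 UNION ALL SELECT NULL,NULL,CONCAT('qqkzq',JSON_ARRAYAGG(CONCAT_WS("
    "'aitagt',address,birthday,cc,email,id,name,occupation,password,phone)),"
    "'qbkkq'),NULL,NULL,NULL FROM testdb.users-- -"
)


def log_line(client, target):
    """Build a constructed combined-log-format line (assumed log format)."""
    return (f'{client} - - [07/Nov/2020:10:00:00 +0000] '
            f'"GET {target} HTTP/1.1" 200 512 "-" "-"')


once = quote(SLIDE_PAYLOAD, safe="(),'")
twice = quote(quote(SLIDE_PAYLOAD.lower(), safe="(),'"), safe="(),'")

# Constructed sample input: two benign requests, then the slide's request
# URL-encoded once, then lower-cased and URL-encoded twice.
SAMPLE_LOG = [
    log_line("192.0.2.10", "/item.php?id=1"),
    log_line("192.0.2.11", "/search?q=credit+union+select+committee"),
    log_line("198.51.100.7", "/item.php?id=" + once),
    log_line("198.51.100.8", "/item.php?id=" + twice),
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Access logs only record the request line, so parameters sent in a POST body need the same check applied to WAF or application logs.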
Latest “tiny step” (II)
Latest “tiny step” (III)
Questions?
