Asegúr@IT IV - Remote File Downloading
•
4 likes•1,397 views
The document discusses blind SQL injection attacks, where an attacker can extract information from a database without seeing the results directly. It describes how an attacker analyzes differences in responses to determine true or false results. Various techniques are presented, including booleanization, tools for automating extraction, and downloading files by querying data loaded into temporary tables. Time-based techniques using delays are also covered. The document demonstrates attacks on Microsoft SQL Server, Oracle, and MySQL databases.
Report
Share
Report
Share
![Chema Alonso Informática64 MS MVP Windows Security [email_address]](https://image.slidesharecdn.com/rfd-1232270725058783-2/85/Asegur-IT-IV-Remote-File-Downloading-1-320.jpg)
![Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
Recommended
ShmooCon 2009 - (Re)Playing(Blind)Sql
This session describes some special ways to perform (B)SQLI attacks. This talk was delivered at Shmoocon 2k9 by Palako and Chema Alonso
Playing With (B)Sqli
Charla impartida por Chema Alonso, de Informática64, en el curso de Verando de Seguridad Informática de la Universidad de Salamanca 2009
Not so blind SQL Injection
A pragmatic approach to different SQL Injection techniques such as Stacked statements, Tautology based, Union based, Error based, Second Order and Blind SQL Injection coherently explaining the path behind these attacks including tips and tricks to make them more likely to work in real life.
Also I will show you ways to avoid weak defenses as black listing and quote filtering as well as how privilege escalation may take place from this sort of vulnerabilities.
There will be a live demonstration where you can catch on some handy tools and actually see blind sql injection working efficiently with the latest techniques showing you why this type of SQL injection shouldn't be taken any less seriously than any other.
Finally, a word on countermeasures and real solutions to prevent these attacks, what you should do and what you should not.
http://videos.sapo.pt/ZvwITnTBMzD8HYvEZrov (video)
Artem Storozhuk "Building SQL firewall: insights from developers"
The document discusses using a database firewall as an additional layer of defense against SQL injections. It provides an overview of SQL injections and common techniques for preventing them, such as input validation and using web application firewalls (WAFs). However, WAFs have limitations like not being able to detect some SQL injections or protect against authorized users. The document then proposes using a database proxy firewall between the database and applications. It describes some open source database proxy firewalls and provides an example of AcraCensor, an open source database firewall that uses whitelist and blacklist rules to filter queries. It also discusses challenges in developing a database firewall and provides performance test results showing AcraCensor adds around 6.7% overhead to query processing
Sql full tutorial
This document provides a tutorial on exploiting MySQL injection vulnerabilities to extract information from a database. It begins by introducing SQL injection and MySQL. It then walks through testing for vulnerabilities, exploiting a sample site to get the MySQL version, user, databases, tables, and columns. The document demonstrates how to use these techniques to retrieve usernames and passwords stored in the database. The goal is to illustrate how an attacker can access sensitive information by chaining together SQL injection commands.
Administering and Monitoring SolrCloud Clusters
Presented by Rafal Kuć, Consultant and Software engineer, , Sematext Group, Inc.
Even though Solr can run without causing any troubles for long periods of time it is very important to monitor and understand what is happening in your cluster. In this session you will learn how to use various tools to monitor how Solr is behaving at a high level, but also on Lucene, JVM, and operating system level. You'll see how to react to what you see and how to make changes to configuration, index structure and shards layout using Solr API. We will also discuss different performance metrics to which you ought to pay extra attention. Finally, you'll learn what to do when things go awry - we will share a few examples of troubleshooting and then dissect what was wrong and what had to be done to make things work again.
Recursive Query Throwdown
MySQL 8 introduces support for ANSI SQL recursive queries with common table expressions, a powerful method for working with recursive data references. Until now, MySQL application developers have had to use workarounds for hierarchical data relationships. It's time to write SQL queries in a more standardized way, and be compatible with other brands of SQL implementations. But as always, the bottom line is: how does it perform? This presentation will briefly describe how to use recursive queries, and then test the performance and scalability of those queries against other solutions for hierarchical queries.
Apachepoitutorial
Apache POI is an open source Java library that allows Java programs to read and write Microsoft Office file formats like Excel, PowerPoint, Word etc. It supports both reading and modifying existing Office files as well as creating new ones from scratch. The library consists of multiple packages that handle different file types, such as HSSF for Excel XLS files, XSSF for Excel XLSX files, HSLF for PowerPoint files etc.
Recommended
ShmooCon 2009 - (Re)Playing(Blind)Sql
This session describes some special ways to perform (B)SQLI attacks. This talk was delivered at Shmoocon 2k9 by Palako and Chema Alonso
Playing With (B)Sqli
Charla impartida por Chema Alonso, de Informática64, en el curso de Verando de Seguridad Informática de la Universidad de Salamanca 2009
Not so blind SQL Injection
A pragmatic approach to different SQL Injection techniques such as Stacked statements, Tautology based, Union based, Error based, Second Order and Blind SQL Injection coherently explaining the path behind these attacks including tips and tricks to make them more likely to work in real life.
Also I will show you ways to avoid weak defenses as black listing and quote filtering as well as how privilege escalation may take place from this sort of vulnerabilities.
There will be a live demonstration where you can catch on some handy tools and actually see blind sql injection working efficiently with the latest techniques showing you why this type of SQL injection shouldn't be taken any less seriously than any other.
Finally, a word on countermeasures and real solutions to prevent these attacks, what you should do and what you should not.
http://videos.sapo.pt/ZvwITnTBMzD8HYvEZrov (video)
Artem Storozhuk "Building SQL firewall: insights from developers"
The document discusses using a database firewall as an additional layer of defense against SQL injections. It provides an overview of SQL injections and common techniques for preventing them, such as input validation and using web application firewalls (WAFs). However, WAFs have limitations like not being able to detect some SQL injections or protect against authorized users. The document then proposes using a database proxy firewall between the database and applications. It describes some open source database proxy firewalls and provides an example of AcraCensor, an open source database firewall that uses whitelist and blacklist rules to filter queries. It also discusses challenges in developing a database firewall and provides performance test results showing AcraCensor adds around 6.7% overhead to query processing
Sql full tutorial
This document provides a tutorial on exploiting MySQL injection vulnerabilities to extract information from a database. It begins by introducing SQL injection and MySQL. It then walks through testing for vulnerabilities, exploiting a sample site to get the MySQL version, user, databases, tables, and columns. The document demonstrates how to use these techniques to retrieve usernames and passwords stored in the database. The goal is to illustrate how an attacker can access sensitive information by chaining together SQL injection commands.
Administering and Monitoring SolrCloud Clusters
Presented by Rafal Kuć, Consultant and Software engineer, , Sematext Group, Inc.
Even though Solr can run without causing any troubles for long periods of time it is very important to monitor and understand what is happening in your cluster. In this session you will learn how to use various tools to monitor how Solr is behaving at a high level, but also on Lucene, JVM, and operating system level. You'll see how to react to what you see and how to make changes to configuration, index structure and shards layout using Solr API. We will also discuss different performance metrics to which you ought to pay extra attention. Finally, you'll learn what to do when things go awry - we will share a few examples of troubleshooting and then dissect what was wrong and what had to be done to make things work again.
Recursive Query Throwdown
MySQL 8 introduces support for ANSI SQL recursive queries with common table expressions, a powerful method for working with recursive data references. Until now, MySQL application developers have had to use workarounds for hierarchical data relationships. It's time to write SQL queries in a more standardized way, and be compatible with other brands of SQL implementations. But as always, the bottom line is: how does it perform? This presentation will briefly describe how to use recursive queries, and then test the performance and scalability of those queries against other solutions for hierarchical queries.
Apachepoitutorial
Apache POI is an open source Java library that allows Java programs to read and write Microsoft Office file formats like Excel, PowerPoint, Word etc. It supports both reading and modifying existing Office files as well as creating new ones from scratch. The library consists of multiple packages that handle different file types, such as HSSF for Excel XLS files, XSSF for Excel XLSX files, HSLF for PowerPoint files etc.
Advanced SQL injection to operating system full control (slides)
Over ten years have passed since a famous hacker coined the term "SQL injection" and it is still considered one of the major web application threats, affecting over 70% of web application on the Net. A lot has been said on this specific vulnerability, but not all of the aspects and implications have been uncovered, yet.
It's time to explore new ways to get complete control over the database management system's underlying operating system through a SQL injection vulnerability in those over-looked and theoretically not exploitable scenarios: From the command execution on MySQL and PostgreSQL to a stored procedure's buffer overflow exploitation on Microsoft SQL Server. These and much more will be unveiled and demonstrated with my own tool's new version that I will release at the Conference (http://www.blackhat.com/html/bh-europe-09/bh-eu-09-speakers.html#Damele).
These slides have been presented at Black Hat Euroe conference in Amsterdam on April 16, 2009.
Sql killedserver
This document discusses SQL skills and how queries can negatively impact server performance if not written efficiently. It covers topics like query plans, execution contexts, using parameters, indexing, handling large datasets, and external influences on SQL performance. Specific "bad" SQL examples are also provided and analyzed. The presenter aims to help developers optimize their SQL and prevent poorly written queries from bringing servers to their knees.
Sql injection 幼幼班
透過簡單的攻擊範例,說明四種常見的 SQL Injection (Union Based Injection、Error Based Injection、Boolean Based Blind Injection、Time Based Blind Injection),並介紹一款常用的工具 sqlmap。
SQL injection: Not only AND 1=1
The presentation has a quick preamble on SQL injection definition, sqlmap and its key features.
I then illustrate into details common and uncommon problems and respective solutions with examples that a penetration tester faces when he wants to take advantage of any kind of web application SQL injection flaw on real world web applications, for instance SQL injection in ORDER BY and LIMIT clauses, single entry UNION query SQL injection, specific web application technologies IDS bypasses and more.
These slides have been presented at the Front Range OWASP Conference in Denver on March 5, 2009.
บทที่4
This document discusses using JavaServer Pages (JSP) and Structured Query Language (SQL) to build a web application that interacts with a database. It describes using JSP to generate HTML and JavaBeans to hold data, DAO objects to access the database, and SQL commands like INSERT to add records to database tables. It provides steps for creating a database table using Navicat and generating JavaBeans and DAO classes to insert member data into the database table from a JSP servlet.
บทที่ 4 การเพิ่มข้อมูลลงฐานข้อมูล
This document discusses using JSP and SQL to build a web application. It covers using servlets and JavaBeans to handle requests and responses. It also discusses using DAO objects to access a database, and using SQL commands like INSERT to add records to tables. Specific steps shown include creating a database table in Navicat, building JavaBeans with getters and setters, creating a DAO class to insert data, and using servlets to pass objects between the JSP page and DAO class.
Real-time Inverted Search in the Cloud Using Lucene and Storm
Building real-time notification systems is often limited to basic filtering and pattern matching against incoming records. Allowing users to query incoming documents using Solr's full range of capabilities is much more powerful. In our environment we needed a way to allow for tens of thousands of such query subscriptions, meaning we needed to find a way to distribute the query processing in the cloud. By creating in-memory Lucene indices from our Solr configuration, we were able to parallelize our queries across our cluster. To achieve this distribution, we wrapped the processing in a Storm topology to provide a flexible way to scale and manage our infrastructure. This presentation will describe our experiences creating this distributed, real-time inverted search notification framework.
Selenium Webdriver with data driven framework
This document describes a Selenium WebDriver data driven framework. It uses external files to store test data and object identifiers to make the framework more flexible and maintainable. The framework includes Java classes for reading test data from Excel files, retrieving object identifiers from property files, and implementing common test functions. Tests are implemented as Java classes that utilize the framework classes to login to a test application, retrieve test data, and verify application behavior.
Solr vs. Elasticsearch, Case by Case: Presented by Alexandre Rafalovitch, UN
Solr and Elasticsearch are both based on Lucene and provide full-text search and structured search capabilities. They differ in areas like configuration, indexing documents, and representing search parameters. Both allow indexing and searching large volumes of documents and facilitating fast and complex queries.
How to Use JSON in MySQL Wrong
The document discusses using JSON in MySQL. It begins by introducing the speaker and outlining topics to be covered, including why JSON is useful, loading JSON data into MySQL, performance considerations when querying JSON data, using generated columns with JSON, and searching multi-valued attributes in JSON. The document then dives into examples demonstrating loading sample data from XML to JSON in MySQL, issues that can arise, and techniques for optimizing JSON queries using generated columns and indexes.
Data Warehouse and Business Intelligence - Recipe 3
1) The document describes how to check that data loaded correctly from a source file to a staging table without using expensive ETL tools. It involves counting rows at each step and inserting the counts into check tables.
2) Key steps include writing a function to count rows in the source file, inserting counts of rows in the source file, external table, external view, and staging table into a detail check table.
3) A summary check is then performed by inserting the row counts from the detail table into a summary table along with a status of "OK" if all counts match or "NOT OK" otherwise.
Recipe 14 of Data Warehouse and Business Intelligence - Build a Staging Area ...
The goal of this article is to show how to design, build, load and manage a Staging Area for an Oracle Data Warehouse.In 20 minutes.
Elasticsearch, a distributed search engine with real-time analytics
An overview of Elasticsearch: main features, architecture, limitations. It includes also a description on how to query data both using REST API and using elastic4s library, with also a specific interest into integration of the search engine with Apache Spark.
Oracle to vb 6.0 connectivity
This document discusses how to connect to an Oracle database from Visual Basic 6 using ADO objects rather than an ADO data control. It explains how to declare ADO connection, recordset and command objects, open a connection to the database, execute a SQL query to populate the recordset, and set the recordset as the data source for a data grid control to display the results, allowing retrieval and display of data from Oracle without using the ADO data control.
SQLMAP Tool Usage - A Heads Up
SQLMAP is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
Developing on SQL Azure
1) The document provides an overview of 5 key things developers should know about SQL Azure, including how to set up a connection string, issues of throttling and errors, tools for migration and management, and performance tuning tips.
2) Throttling occurs when a session acquires too many locks or resources and causes errors like 40501, and developers need retry logic to handle errors and disconnects.
3) Tools for SQL Azure include the SQL Azure Database Manager, SSMS 2008 R2, and the migration wizard.
4) Performance can be improved by addressing indexing, minimizing round trips, using connection pooling, and caching/batching data access.
Lab manual asp.net
The document contains the source code for 7-10 experiments in an ASP.NET Software Technology Lab Manual. The experiments cover topics like using dropdown lists, listboxes, textbox events, radio buttons, validation in textboxes, and data list controls in ASP.NET. It also includes a longer experiment on performing CRUD (create, read, update, delete) operations on a student database using ADO.NET Entity Framework. The experiments provide the ASP.NET code and screenshots of the output for each program.
Datacon LA - MySQL without the SQL - Oh my!
My presentations from Datacon LA 202 on using MySQL as a NoSQL JSON document store as well as a traditional relation database
Let's creating your own PHP (tejimaya version)
This document discusses customizing PHP for one's own development needs. It suggests building PHP from source to add new error levels and notices, or to test scripts under different versions. Specific steps are outlined, like getting the PHP source from Git, configuring with desired extensions, making and installing it. Patches are provided that add new error constants and notices for environment-dependent code or potential backwards compatibility issues. Building one's own PHP is suggested to improve work or for fun, such as inserting semicolons automatically or adding keyword arguments.
State of Web Security RailsConf 2016
A wild ride through the dizzying highs and terrifying lows of web security in 2015. Take a look at some major breaches of the year, including some free beer!
We’ll look at how attack trends have changed over the past year and new ways websites are being compromised. We’ve pulled together data from all the sites we protect to show you insights on types and patterns of attacks, and sophistication and origin of the attackers.
After the bad, we’ll look at the good - new technologies like RASP are helping secure the web.
Bug Hunting Safari
This is a talk for CocoaConf Columbus talking about various breakpoints and why you should be using them
More Related Content
What's hot
Advanced SQL injection to operating system full control (slides)
Over ten years have passed since a famous hacker coined the term "SQL injection" and it is still considered one of the major web application threats, affecting over 70% of web application on the Net. A lot has been said on this specific vulnerability, but not all of the aspects and implications have been uncovered, yet.
It's time to explore new ways to get complete control over the database management system's underlying operating system through a SQL injection vulnerability in those over-looked and theoretically not exploitable scenarios: From the command execution on MySQL and PostgreSQL to a stored procedure's buffer overflow exploitation on Microsoft SQL Server. These and much more will be unveiled and demonstrated with my own tool's new version that I will release at the Conference (http://www.blackhat.com/html/bh-europe-09/bh-eu-09-speakers.html#Damele).
These slides have been presented at Black Hat Euroe conference in Amsterdam on April 16, 2009.
Sql killedserver
This document discusses SQL skills and how queries can negatively impact server performance if not written efficiently. It covers topics like query plans, execution contexts, using parameters, indexing, handling large datasets, and external influences on SQL performance. Specific "bad" SQL examples are also provided and analyzed. The presenter aims to help developers optimize their SQL and prevent poorly written queries from bringing servers to their knees.
Sql injection 幼幼班
透過簡單的攻擊範例,說明四種常見的 SQL Injection (Union Based Injection、Error Based Injection、Boolean Based Blind Injection、Time Based Blind Injection),並介紹一款常用的工具 sqlmap。
SQL injection: Not only AND 1=1
The presentation has a quick preamble on SQL injection definition, sqlmap and its key features.
I then illustrate into details common and uncommon problems and respective solutions with examples that a penetration tester faces when he wants to take advantage of any kind of web application SQL injection flaw on real world web applications, for instance SQL injection in ORDER BY and LIMIT clauses, single entry UNION query SQL injection, specific web application technologies IDS bypasses and more.
These slides have been presented at the Front Range OWASP Conference in Denver on March 5, 2009.
บทที่4
This document discusses using JavaServer Pages (JSP) and Structured Query Language (SQL) to build a web application that interacts with a database. It describes using JSP to generate HTML and JavaBeans to hold data, DAO objects to access the database, and SQL commands like INSERT to add records to database tables. It provides steps for creating a database table using Navicat and generating JavaBeans and DAO classes to insert member data into the database table from a JSP servlet.
บทที่ 4 การเพิ่มข้อมูลลงฐานข้อมูล
This document discusses using JSP and SQL to build a web application. It covers using servlets and JavaBeans to handle requests and responses. It also discusses using DAO objects to access a database, and using SQL commands like INSERT to add records to tables. Specific steps shown include creating a database table in Navicat, building JavaBeans with getters and setters, creating a DAO class to insert data, and using servlets to pass objects between the JSP page and DAO class.
Real-time Inverted Search in the Cloud Using Lucene and Storm
Building real-time notification systems is often limited to basic filtering and pattern matching against incoming records. Allowing users to query incoming documents using Solr's full range of capabilities is much more powerful. In our environment we needed a way to allow for tens of thousands of such query subscriptions, meaning we needed to find a way to distribute the query processing in the cloud. By creating in-memory Lucene indices from our Solr configuration, we were able to parallelize our queries across our cluster. To achieve this distribution, we wrapped the processing in a Storm topology to provide a flexible way to scale and manage our infrastructure. This presentation will describe our experiences creating this distributed, real-time inverted search notification framework.
Selenium Webdriver with data driven framework
This document describes a Selenium WebDriver data driven framework. It uses external files to store test data and object identifiers to make the framework more flexible and maintainable. The framework includes Java classes for reading test data from Excel files, retrieving object identifiers from property files, and implementing common test functions. Tests are implemented as Java classes that utilize the framework classes to login to a test application, retrieve test data, and verify application behavior.
Solr vs. Elasticsearch, Case by Case: Presented by Alexandre Rafalovitch, UN
Solr and Elasticsearch are both based on Lucene and provide full-text search and structured search capabilities. They differ in areas like configuration, indexing documents, and representing search parameters. Both allow indexing and searching large volumes of documents and facilitating fast and complex queries.
How to Use JSON in MySQL Wrong
The document discusses using JSON in MySQL. It begins by introducing the speaker and outlining topics to be covered, including why JSON is useful, loading JSON data into MySQL, performance considerations when querying JSON data, using generated columns with JSON, and searching multi-valued attributes in JSON. The document then dives into examples demonstrating loading sample data from XML to JSON in MySQL, issues that can arise, and techniques for optimizing JSON queries using generated columns and indexes.
Data Warehouse and Business Intelligence - Recipe 3
1) The document describes how to check that data loaded correctly from a source file to a staging table without using expensive ETL tools. It involves counting rows at each step and inserting the counts into check tables.
2) Key steps include writing a function to count rows in the source file, inserting counts of rows in the source file, external table, external view, and staging table into a detail check table.
3) A summary check is then performed by inserting the row counts from the detail table into a summary table along with a status of "OK" if all counts match or "NOT OK" otherwise.
Recipe 14 of Data Warehouse and Business Intelligence - Build a Staging Area ...
The goal of this article is to show how to design, build, load and manage a Staging Area for an Oracle Data Warehouse.In 20 minutes.
Elasticsearch, a distributed search engine with real-time analytics
An overview of Elasticsearch: main features, architecture, limitations. It includes also a description on how to query data both using REST API and using elastic4s library, with also a specific interest into integration of the search engine with Apache Spark.
Oracle to vb 6.0 connectivity
This document discusses how to connect to an Oracle database from Visual Basic 6 using ADO objects rather than an ADO data control. It explains how to declare ADO connection, recordset and command objects, open a connection to the database, execute a SQL query to populate the recordset, and set the recordset as the data source for a data grid control to display the results, allowing retrieval and display of data from Oracle without using the ADO data control.
SQLMAP Tool Usage - A Heads Up
SQLMAP is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
Developing on SQL Azure
1) The document provides an overview of 5 key things developers should know about SQL Azure, including how to set up a connection string, issues of throttling and errors, tools for migration and management, and performance tuning tips.
2) Throttling occurs when a session acquires too many locks or resources and causes errors like 40501, and developers need retry logic to handle errors and disconnects.
3) Tools for SQL Azure include the SQL Azure Database Manager, SSMS 2008 R2, and the migration wizard.
4) Performance can be improved by addressing indexing, minimizing round trips, using connection pooling, and caching/batching data access.
Lab manual asp.net
The document contains the source code for 7-10 experiments in an ASP.NET Software Technology Lab Manual. The experiments cover topics like using dropdown lists, listboxes, textbox events, radio buttons, validation in textboxes, and data list controls in ASP.NET. It also includes a longer experiment on performing CRUD (create, read, update, delete) operations on a student database using ADO.NET Entity Framework. The experiments provide the ASP.NET code and screenshots of the output for each program.
Datacon LA - MySQL without the SQL - Oh my!
My presentations from Datacon LA 202 on using MySQL as a NoSQL JSON document store as well as a traditional relation database
What's hot (19)
Advanced SQL injection to operating system full control (slides)
Advanced SQL injection to operating system full control (slides)
Real-time Inverted Search in the Cloud Using Lucene and Storm
Real-time Inverted Search in the Cloud Using Lucene and Storm
Solr vs. Elasticsearch, Case by Case: Presented by Alexandre Rafalovitch, UN
Solr vs. Elasticsearch, Case by Case: Presented by Alexandre Rafalovitch, UN
Data Warehouse and Business Intelligence - Recipe 3
Data Warehouse and Business Intelligence - Recipe 3
Recipe 14 of Data Warehouse and Business Intelligence - Build a Staging Area ...
Recipe 14 of Data Warehouse and Business Intelligence - Build a Staging Area ...
Elasticsearch, a distributed search engine with real-time analytics
Elasticsearch, a distributed search engine with real-time analytics
Viewers also liked
Let's creating your own PHP (tejimaya version)
This document discusses customizing PHP for one's own development needs. It suggests building PHP from source to add new error levels and notices, or to test scripts under different versions. Specific steps are outlined, like getting the PHP source from Git, configuring with desired extensions, making and installing it. Patches are provided that add new error constants and notices for environment-dependent code or potential backwards compatibility issues. Building one's own PHP is suggested to improve work or for fun, such as inserting semicolons automatically or adding keyword arguments.
State of Web Security RailsConf 2016
A wild ride through the dizzying highs and terrifying lows of web security in 2015. Take a look at some major breaches of the year, including some free beer!
We’ll look at how attack trends have changed over the past year and new ways websites are being compromised. We’ve pulled together data from all the sites we protect to show you insights on types and patterns of attacks, and sophistication and origin of the attackers.
After the bad, we’ll look at the good - new technologies like RASP are helping secure the web.
Bug Hunting Safari
This is a talk for CocoaConf Columbus talking about various breakpoints and why you should be using them
Exploiting Firefox Extensions
Hundreds of Firefox addons are created every week. Millions of users download them. Some addons are even recommended by the Mozilla community, and users implicitly trust them. We don't trust a single one, and we will show you why.
This talk details how we have abused some of the most popular and recommended Firefox addons, with previously unreleased vulnerabilities. From the Mozilla download statistics, over 15 million users are potentially affected. Demos will cover remote code execution, local file disclosure and other tailored Firefox Addon exploits.
Don't panic - the Addons manager can be found under the 'Tools' tab in your Firefox menu. We expect to see a lot of people clicking the "Uninstall" button after this presentation.
Cross Context Scripting attacks & exploitation
Cross Context Scripting (XCS) is a type of XSS (Cross Site Scripting) injection which occurs from an untrusted zone, typically a web page on the Internet into the context of a trusted browser zone.
XSS injection in a trusted browser zone can be 'lethal', as injected payload runs as privileged code. No SOP (Same-Origin Policy) restrictions are enforced and direct interfacing with the underlying OS is possible.
To exploit such bugs, there is no need to use ROP gadgets, spray the heap or attempt other complex techniques. At the opposite, only few elements are required for a successful exploit, such as the right injection point and a tailored exploit payload.
This presentation will examine XCS in details and will provide a demonstration of XCS exploits of both unpatched and patched vulnerabilities in Firefox, Opera, Maxthon and Avant browsers.
Reversing JavaScript
This document provides an overview of JavaScript reversing techniques. It discusses JavaScript technologies like the DOM, Ajax, and JSON. It covers security aspects like the same-origin policy. It provides tips for analyzing JavaScript using tools like Firebug. It also demonstrates finding vulnerabilities like DOM-based XSS and reversing obfuscated JavaScript.
Philip Hung Cao - Cloud security, the journey has begun
This 3 sentence document expresses gratitude to sponsors. It thanks sponsors for their generous support in a respectful and polite manner. The document shows appreciation for those who have contributed funding or resources.
Bridging the gap - Security and Software Testing
When performing a security testing, I often sit in a room with other QA and Software testers.
During that time, it is likely I receive questions such as: "Roberto, are you hacking this? Are you breaking
this again? What exactly are you testing?"
Whi l e talking to them I realise there is an information gap between us, especially when they share
information which is essential for my testing and crucial to identify security vulnerabilities.
After a good number of security tests, I came to a conclusion that people in our industry do not realise that
software testing and security testing have a lot to share.
This talk intends to reduce that information gap and provides an introduction to security software testing,
methodologies, and most importantly offers some food for thought to stimulate synergy between security
and software testers
Xml external entities [xxe]
XXE: The XML Backdoor. Your XML parser is probably broken. This talk will outline an little-known attack vector targeting XML parser in web applications called XML External Entity (XXE) Processing. https://www.owasp.org/index.php/XML_External_Entity_%28XXE%29_Processing
Nguyen Phuong Truong Anh - Some new vulnerabilities in modern web application
1) The document discusses several vulnerabilities in modern web applications including AngularJS template injection, server-side template injection in frameworks like Smarty and Twig, CSV injection, and Java object deserialization vulnerabilities.
2) It provides details on detecting and exploiting these vulnerabilities with examples of payloads and real-world cases that have been discovered.
3) The document includes demonstrations of exploiting template injection in Piwik and AngularJS, server-side template injection in Flask and Alfresco, and Java deserialization in applications like JBoss and Jenkins.
15 Years of Web Security: The Rebellious Teenage Years
This document summarizes Jeremiah Grossman's 15 years of experience in web security and the state of application security. It discusses threat actors targeting websites, the growing costs of data breaches and cyber insurance, challenges with vulnerability remediation, and the need for more effective software development processes and addressing skill shortages. WhiteHat Security helps companies find and fix application vulnerabilities before exploits.
Million Browser Botnet
http://blackhat.com/us-13/briefings.html#Grossman
Online advertising networks can be a web hacker’s best friend. For mere pennies per thousand impressions (that means browsers) there are service providers who allow you to broadly distribute arbitrary javascript -- even malicious javascript! You are SUPPOSED to use this “feature” to show ads, to track users, and get clicks, but that doesn’t mean you have to abide. Absolutely nothing prevents spending $10, $100, or more to create a massive javascript-driven browser botnet instantly. The real-world power is spooky cool. We know, because we tested it… in-the-wild.
With a few lines of HTML5 and javascript code we’ll demonstrate just how you can easily commandeer browsers to perform DDoS attacks, participate in email spam campaigns, crack hashes and even help brute-force passwords. Put simply, instruct browsers to make HTTP requests they didn’t intend, even something as well-known as Cross-Site Request Forgery. With CSRF, no zero-days or malware is required. Oh, and there is no patch. The Web is supposed to work this way. Also nice, when the user leaves the page, our code vanishes. No traces. No tracks.
Before leveraging advertising networks, the reason this attack scenario didn’t worry many people is because it has always been difficult to scale up, which is to say, simultaneously control enough browsers (aka botnets) to reach critical mass. Previously, web hackers tried poisoning search engine results, phishing users via email, link spamming Facebook, Twitter and instant messages, Cross-Site Scripting attacks, publishing rigged open proxies, and malicious browser plugins. While all useful methods in certain scenarios, they lack simplicity, invisibility, and most importantly -- scale. That’s what we want! At a moment’s notice, we will show how it is possible to run javascript on an impressively large number of browsers all at once and no one will be the wiser. Today this is possible, and practical.
110864103 adventures-in-bug-hunting
This document describes the process of debugging a packet sniffing issue when using bonded ethernet interfaces on Linux. The bug was initially found when incoming packets were not being detected when sniffing individual physical interfaces, even though outgoing packets were working. After carefully examining assumptions and digging through the kernel and libpcap code, the bug was found to be: 1) the kernel was overwriting the packet's device field, and 2) an older version of libpcap was incorrectly handling packets when using its legacy retrieval method. Updating the kernel fix and libpcap resolved the issue.
Richard Johnson, high performance fuzzing
This document discusses techniques for improving the performance of fuzzing programs. It explains that most CPU cycles in fuzzing are wasted on program loading and initialization rather than actual fuzzing. The document recommends optimizing target selection to minimize code size, using smaller input files, and selecting mutators that are most likely to trigger new code paths. It also discusses using techniques like in-memory fuzzing and thin wrappers to improve efficiency. Overall it emphasizes the importance of quantitative and qualitative analysis to optimize fuzzer designs and strategies.
Pham Ngọc Bắc - An toàn thông tin dưới góc nhìn Quản lý theo tiêu chuẩn
Quốc...
Pham Ngọc Bắc - An toàn thông tin dưới góc nhìn Quản lý theo tiêu chuẩn
Quốc tế ISO/IEC 27001
XML と PHP のイケナイ関係 (セキュリティ的な意味で) -Introduction of XXE attack and XML Bomb with...
*English subtitles are available.*
Web アプリ界隈、特に日本ではまだあまり知られていないと思われる XXE や XML Bomb (XML Entity Expansion) というセキュリティ脆弱性の概要、 PHP の機能と組み合わせた攻撃手法、主に PHP 周りでの発覚事例や、対策方法について説明します
Trần Anh Khoa - Kautilya và Powershell
trong kỹ thuật tấn công tiếp cận
Security Bootcamp 2016 - Kautilya và Powershell
trong kỹ thuật tấn công tiếp cận
Owasp Top 10 A1: Injection
This document discusses injection vulnerabilities like SQL, XML, and command injection. It provides examples of how injection occurs by mixing commands and data, including accessing unauthorized data or escalating privileges. The speaker then discusses ways to prevent injection, such as validating all user input, using prepared statements, adopting secure coding practices, and implementing web application firewalls. The key message is that applications should never trust user input and adopt defense in depth techniques to prevent injection vulnerabilities.
Augmented reality in your web proxy
This talk intends to demonstrate how to improve web application security testing by combining browser automation framework and web proxy API.
The goal of this research is to bring a web proxy as close as possible to a browser to achieve a better security testing coverage, especially when dealing with complex client-side technology.
The presentation includes a montage of real case scenarios, showing how this approach can lead to the discovery of vulnerabilities which might otherwise go unnoticed.
Exploratory Testing As A Quest
Exploratory testing is described as a thoughtful, focused, and disciplined approach similar to solving quests or puzzles in a game. The tester designs and executes tests simultaneously based on information gained from previous tests, unlike scripted testing which follows a predetermined plan. It requires skills like observation, critical thinking, generating diverse ideas, and using various resources to test effectively. Both exploratory and scripted testing have benefits depending on the context, but exploratory is best suited for tasks like testing where the path is not fully known in advance.
Viewers also liked (20)
Philip Hung Cao - Cloud security, the journey has begun
Philip Hung Cao - Cloud security, the journey has begun
Nguyen Phuong Truong Anh - Some new vulnerabilities in modern web application
Nguyen Phuong Truong Anh - Some new vulnerabilities in modern web application
15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years
Pham Ngọc Bắc - An toàn thông tin dưới góc nhìn Quản lý theo tiêu chuẩn
Quốc...
Pham Ngọc Bắc - An toàn thông tin dưới góc nhìn Quản lý theo tiêu chuẩn
Quốc...
XML と PHP のイケナイ関係 (セキュリティ的な意味で) -Introduction of XXE attack and XML Bomb with...
XML と PHP のイケナイ関係 (セキュリティ的な意味で) -Introduction of XXE attack and XML Bomb with...
Trần Anh Khoa - Kautilya và Powershell
trong kỹ thuật tấn công tiếp cận
Trần Anh Khoa - Kautilya và Powershell
trong kỹ thuật tấn công tiếp cận
Similar to Asegúr@IT IV - Remote File Downloading
ShmooCON 2009 : Re-playing with (Blind) SQL Injection
Talk delivered by Chema Alonso & Jose Palazon "Palako" in ShmooCON 2009 at Washington about SQL Injection, Blind SQL Injection, Time-Based Blind SQL Injection, RFD (Remote File Downloading) and Serialized SQL Injection. http://www.slideshare.net/chemai64/timebased-blind-sql-injection-using-heavy-queries-34887073
Time-Based Blind SQL Injection using Heavy Queries
This presentation was delivered in Defcon 16 held in Las Vegas in 2008. It´s about Blind SQL Injection Techniques.
How "·$% developers defeat the web vulnerability scanners
Share Favorite
Favorited X
Download More...
Favorited! Want to add tags? Have an opinion? Make a quick comment as well. Cancel
Edit your favorites Cancel
Send to your Group / Event Select Group / Event
Add your message Cancel
Post toBlogger WordPress Twitter Facebook Deliciousmore share options .Embed For WordPress.com
Without related presentations
0 commentsPost a comment
Post a comment
..
Embed Video Subscribe to follow-up comments Unsubscribe from followup comments .
Edit your comment Cancel .Notes on slide 1
no notes for slide #1
no notes for slide #1
..Favorites, Groups & Events
more
How "·$% developers defeat the web vulnerability scanners - Presentation Transcript
1.How ?¿$·& developers defeat the most famous web vulnerability scanners …or how to recognize old friends Chema Alonso Informática64 José Parada Microsoft Ibérica
2.Agenda
1.- Introduction
2.- Inverted Queries
3.- Arithmetic Blind SQL Injection
4.- Time-Based Blind SQL Injection using Heavey Queries
5.- Conclusions
3.1.-Introduction
4.SQL Injection is still here among us
5.Web Application Security Consortium: Comparision http://projects.webappsec.org/Web-Application-Security-Statistics 12.186 sites 97.554 bugs
6.Need to Improve Automatic Scanning
Not always a manual scanning is possible
Time
Confidentiality
Money, money, money…
Need to study new ways to recognize old fashion vulnerabilities to improve automatic scanning tools.
7.2.-Inverted Queries
8.
9.Homers, how are they?
Lazy
Bad trainined
Poor Experience in security stuff
Don´t like working
Don´t like computing
Don´t like coding
Don´t like you!
10.Flanders are Left-handed
11.Right
SELECT UID
FROM USERS
WHERE NAME=‘V_NAME’
AND
PASSWORD=‘V_PASSW’;
12.Wrong?
SELECT UID
FROM USERS
WHERE ‘V_NAME’=NAME AND
‘ V_PASSW’=PASSWORD
13.Login Inverted Query
Select uid
From users where ‘v_name’=name and ‘v_pass’=password
http://www.web.com/login.php?v_name=Robert&v_pass=Kubica’ or '1'='1
Select uid
From users where ‘Robert’=name and ‘Kubica’ or ‘1’=‘1’=password
FAIL
14.Login Inverted SQL Injection an example
Select uid
From users where ‘v_name’=name and ‘v_pass’=password
http://www.web.com/login.php?v_name=Robert&v_pass=’=‘’ or ‘1’=‘1’ or ‘Kubica
Select uid
From users where ‘Robert’=name and ’’=‘’ or ‘1’=‘1’ or ‘Kubica’=password
Success
15.Blind Attacks
Attacker injects code but can´t access directly to the data.
However this injection changes the behavior of the web application.
Then the attacker looks for differences between true code injections (1=1) and false code injections (1=2) in the response pages to extract data.
Blind SQL Injection
Biind Xpath Injection
Blind LDAP Injection
16.Blind SQL Injection Attacks
Attacker injects:
“ True where clauses”
“ False where clauses“
Ex:
Program.php?id=1 and 1=1
Program.php?id=1 and 1=2
Program doesn’t return any visible data from database or data in error messages.
The attacker can´t see any data extracted from the database.
17.Blind SQL Injection Attacks
Attacker analyzes the response pages looking for differences between “True-Answer Page” and “False-Answer Page”:
Different hashes
Different html structure
Different patterns (keywords)
Different linear ASCII sums
“ Different behavior”
By example: Response Time
18.Blind SQL Injection Attacks
If any difference exists, then:
Attacker can extract all information from database
How? Using “booleanization”
MySQL:
Program.php?id=1 and 100>(ASCII(Substring(user(),1,1)))
“ True-Answer Page” or “False-Answer Page”?
MSSQL:
Program.php?id=1 and 100>(Select top 1 ASCII(Substring(name,1,1))) from sysusers)
Oracle:
Program.php?id=1 and 100>(Select ASCII(Sub
Understanding and preventing sql injection attacks
SQL Injection attacks are one of the most common hacker tricks used on the web. Learn what a SQL injection attack is and why you should be concerned about them.
This all new session is loaded with demos. You’ll get to witness first-hand several different types of SQL injection attacks, how to find them, and how to block them.
Sql injection
This document discusses SQL injection attacks and how to mitigate them. It begins by explaining how injection attacks work by tricking applications into executing unintended commands. It then provides examples of how SQL injection can be used to conduct unauthorized access and data modification attacks. The document discusses techniques for finding and exploiting SQL injection vulnerabilities, including through the SELECT, INSERT, UPDATE and UNION commands. It also covers ways to mitigate injection attacks, such as using prepared statements with bound parameters instead of concatenating strings.
Sql lite android
This document discusses using SQLite databases in Android applications. SQLite is an embedded SQL database that does not require a separate server. It is included in the Android SDK and can be used to create and query database files. The document explains how to open a database, create tables, insert/update/delete rows using SQL queries, and retrieve data using cursors. Raw queries and simple queries can be used to perform retrieval queries on a single table. Transactions are used to commit or roll back changes to the database.
Chapter 3.pptx Oracle SQL or local Android database setup SQL, SQL-Lite, codi...
SQLite is an embedded SQL database that is included within Android applications. It allows creating, querying, and modifying a database without a separate server process. Developers can open and query a SQLite database using methods like openDatabase(), rawQuery(), execSQL(), and insert()/update()/delete(). This allows storing and retrieving application data, even when the device is offline.
Advanced Sql Injection ENG
The document discusses various techniques for exploiting SQL injection vulnerabilities, including classical and blind SQL injection. It provides examples of exploiting SQL injection on different database management systems like MySQL, PostgreSQL, Oracle, and Microsoft SQL Server. It also discusses methods for bypassing web application firewalls during SQL injection attacks.
SQL Server Security - Attack
The document discusses SQL Server security attacks and defenses. It outlines how attackers can fingerprint servers, acquire user accounts through brute force or SQL injection, and escalate privileges. It then provides recommendations for securing SQL Server deployments through configuration hardening, input validation, patching, and access control best practices.
SQL2SPARQL
1. The document describes an application that transforms SQL queries into equivalent SPARQL queries to run on an RDF representation of a database.
2. It explains how the SQL database tables are transformed into RDF format, with each table becoming an RDF namespace and records becoming RDF triples.
3. The application works by parsing the SQL query, running it on the database, and then generating a SPARQL query with the necessary prefixes, type declarations, select fields, and filters to give the same results when run on the RDF data.
Sql Injection Attacks(Part1 4)
The document discusses a SQL injection attack targeting Microsoft SQL servers that was observed in the website's server logs. It decodes the hexadecimal payload from the query string to reveal SQL code attempting to retrieve table and column names to then inject script tags linking to an external JavaScript file hosted on a Chinese domain. The document provides information on how to detect and prevent such attacks, including input sanitization, intrusion detection rules, and securing forms and queries. It also analyzes the behavior and payloads of the malicious JavaScript.
Sqlmap
A basic tutorial on using sqlmap on Kali Linux for sql injection.
The main focus being on comparison between manual and automated sql injection.
Some important parameters discussed and steps to be taken to discover vulnerabilities
By rushikesh kulkarni, president of Anonymous Club of BMSCE
Chapter 14 sql injection
This document discusses SQL injection attacks and how to mitigate them. It begins by defining injection attacks as tricks that cause an application to unintentionally include commands in user-submitted data. It then explains how SQL injection works by having the attacker submit malicious SQL code in a web form. The document outlines several examples of SQL injection attacks, such as unauthorized access, database modification, and denial of service. It discusses techniques for finding and exploiting SQL injection vulnerabilities. Finally, it recommends effective mitigation strategies like prepared statements and input whitelisting to protect against SQL injection attacks.
03. sql and other injection module v17
This document discusses SQL injection and ways to prevent it. SQL injection occurs when malicious SQL statements are inserted into an insufficiently validated string that is later executed as a database command. It can allow attackers to read or modify data in the database. The document outlines different types of SQL injection attacks and provides examples of how input validation and prepared statements can prevent injection. It also discusses command injection and file path traversal attacks.
Python database access
The Python DB-API standard supports connecting to and interacting with many database servers like MySQL, PostgreSQL, and Oracle. To access a database, a Python module like MySQLdb must be installed. Code examples demonstrate how to connect to a MySQL database, create tables, insert/update/delete records, and handle errors according to the DB-API. Transactions ensure data integrity using atomicity, consistency, isolation, and durability properties.
Hackers Paradise SQL Injection Attacks
SQL injection attacks occur when malicious SQL statements are injected into an application's existing SQL commands, potentially allowing attackers to alter or destroy database contents. Attackers can exploit vulnerabilities like unvalidated user input or direct use of dynamic SQL queries. To prevent this, developers should follow practices like input validation, parameterizing queries, and limiting database account privileges to only what is necessary.
Sql injection
SQL injection is a common web application security vulnerability that allows attackers to control an application's database by tricking the application into sending unexpected SQL commands to the database. It works by submitting malicious SQL code as input, which gets executed by the database since the application concatenates user input directly into SQL queries. The key to preventing SQL injection is using prepared statements with bound parameters instead of building SQL queries through string concatenation. This separates the SQL statement from any user-supplied input that could contain malicious code.
SQL Injection
This document discusses SQL injection and the sqlmap tool for automating the process of detecting and exploiting SQL injection flaws. Some key points:
- SQL is a programming language used to manage data in relational database management systems. SQL injection occurs when malicious SQL code is inserted into an entry field for execution, potentially enabling control of the entire database.
- Sqlmap automates the process of detecting and exploiting SQL injection vulnerabilities. It has capabilities like database fingerprinting, data extraction, accessing the underlying file system, and executing commands on the operating system via SQL injections.
- The tool can detect injectable parameters, generate automatic payloads to retrieve data, fingerprint the database management system, and provide an interactive SQL shell
MySQL 8.0 New Features -- September 27th presentation for Open Source Summit
MySQL 8.0 has many new features that you probably need to know about but don't. Like default security, window functions, CTEs, CATS (not what you think), JSON_TABLE(), and UTF8MB4 support.
Sql injection manish file
This document provides information about SQL injection vulnerabilities and how to use the SQLMap tool to exploit them. It discusses the different types of SQL injections, how they work, and their impact. It then describes SQLMap's features for detecting and exploiting SQL injections, such as enumerating databases, tables, columns, and dumping data. It lists useful SQLMap option keys and provides an overview of how to use SQLMap to identify and exploit SQL injection vulnerabilities.
Similar to Asegúr@IT IV - Remote File Downloading (20)
ShmooCON 2009 : Re-playing with (Blind) SQL Injection
ShmooCON 2009 : Re-playing with (Blind) SQL Injection
Time-Based Blind SQL Injection using Heavy Queries
Time-Based Blind SQL Injection using Heavy Queries
How "·$% developers defeat the web vulnerability scanners
How "·$% developers defeat the web vulnerability scanners
Understanding and preventing sql injection attacks
Understanding and preventing sql injection attacks
Chapter 3.pptx Oracle SQL or local Android database setup SQL, SQL-Lite, codi...
Chapter 3.pptx Oracle SQL or local Android database setup SQL, SQL-Lite, codi...
MySQL 8.0 New Features -- September 27th presentation for Open Source Summit
MySQL 8.0 New Features -- September 27th presentation for Open Source Summit
More from Chema Alonso
CyberCamp 2015: Low Hanging Fruit
La labor de gestionar la seguridad de una empresa suele ser como bailar sobre el alambre. Hay que permitir que el negocio siga funcionando, estar a la última, proteger lo ya implantado e innovar en cosas nuevas. Eso sí, de forma más eficiente cada año y con menos presupuesto. Todo ello, con el objetivo de no que no pase nada. La conclusión de esto es que al final siempre queda Long Hanging Fruit para que cualquiera se aproveche.
Índice Pentesting con Kali 2.0
Índice del libro Pentesting con Kali Linux 2.0 que ha publicado la editorial 0xWord http://0xword.com/es/libros/40-libro-pentesting-kali.html
Configurar y utilizar Latch en Magento
Tutorial realizado por Joc sobre cómo instalar y configurar Latch en el framework Magento. El plugin puede descargarse desde https://github.com/jochhop/magento-latch y tienes un vídeo descriptivo de su uso en http://www.elladodelmal.com/2015/10/configurar-y-utilizar-latch-en-magento.html
Cazando Cibercriminales con: OSINT + Cloud Computing + Big Data
Diapositivas de la presentación impartida por Chema Alonso durante el congreso CELAES 2015 el 15 de Octubre en Panamá. En ella se habla de cómo en Eleven Paths y Telefónica se utilizan las tecnologías Tacyt, Sinfonier y Faast para luchar contra el e-crime.
New Paradigms of Digital Identity: Authentication & Authorization as a Servic...
The document discusses new paradigms in digital identity, including authentication and authorization as a service (AuthaaS). It describes the different types of digital identities (physical, corporate, social), and proposes a model where mobile devices can be used for multi-factor authentication and authorization. The model provides different levels of authentication from basic to strong, and allows companies to apply access control strategies across traditional IT environments and IAM solutions through services like one-time passwords and digital locks.
CritoReto 4: Buscando una aguja en un pajar
Los últimos meses la contrainteligencia británica ha avanzado a pasos agigantados en la localización de agentes rusos activos en suelo inglés. Los avances en criptoanálisis, del ahora ascendido Capitán Torregrosa, han permitido localizar el punto central de trabajo de los agentes rusos. Después de días vigilando “Royal China Club”, no se observa ningún movimiento, da la sensación que no es un lugar de encuentro habitual, aunque según las informaciones recopiladas los datos más sensibles de los operativos rusos se encuentran en esa localización. Por este motivo, se decide entrar en el club y copiar toda la información para analizarla. Entre las cosas más curiosas encontradas, se observa un póster en la pared con una imagen algo rara y una especie de crucigrama, así como un texto impreso en una mesa. Ningún aparato electrónico excepcional ni nada aparentemente cifrado. ¿Podrá la inteligencia británica dar por fin con los agentes rusos? El tiempo corre en su contra…
Dorking & Pentesting with Tacyt
Talk delivered by Chema Alonso at RootedCON Satellite (Saturday 12th of September 2015) about how to do hacking & pentesting using dorks over Tacyt, a Big Data of Android Apps
Pentesting con PowerShell: Libro de 0xWord
Índice del libro "Pentesting con PowerShell" de 0xWord.com. Tienes más información y puedes adquirirlo en la siguiente URL: http://0xword.com/es/libros/69-pentesting-con-powershell.html
Foca API v0.1
Manual de cómo usar la API de FOCA para poder desarrollar plugins. Ejemplo de un plugin sencillo en .NET
Recuperar dispositivos de sonido en Windows Vista y Windows 7
Artículo de Windows Técnico que muestra cómo recuperar dispositivos de sonido en Windows Vista y Windows 7 cuando estos desaparecen. Más información en http://www.elladodelmal.com
It's a Kind of Magic
Charla impartida por Chema Alonso en el congreso Internet 3.0 el 24 de Abril de 2015 en Alicante sobre cómo la gente que cree en las soluciones mágicas y gratuitas acaba siendo estafada o víctima de fraude. Todas las partes de la presentación llevan sus enlaces a los artículos correspondientes para ampliar información.
Ingenieros y hackers
El documento presenta una serie de nombres de ingenieros y hackers asociados con la compañía elevenpaths.com. Al final, incluye un mensaje que indica que no es necesario ser ingeniero para ser hacker o viceversa, pero que la combinación de ambas habilidades es muy valiosa para la compañía.
Cuarta Edición del Curso Online de Especialización en Seguridad Informática p...
Cuarta Edición del Curso Online de Especialización en Seguridad
Informática para la Ciberdefensa
Del 4 de mayo al 4 de junio de 2015
Orientado a:
- Responsables de seguridad.
- Cuerpos y fuerzas de seguridad del Estado.
- Agencias militares.
- Ingenieros de sistemas o similar.
- Estudiantes de tecnologías de la información
Auditoría de TrueCrypt: Informe final fase II
Informe con los resultados de la fase II del proceso de auditoría del software de cifrado de TrueCrypt que buscaba bugs y posibles puertas traseras en el código.
El juego es el mismo
Presentación utilizada en charlas sobre ciberguerra, ciberespionaje y ciberinteligencia con fuentes OSINT.
El Hardware en Apple ¿Es tan bueno?
La mayoría de la gente tiene una buena concepción del hardware de Apple. En este artículo, José Antonio Rodriguez García intenta desmontar algunos mitos.
Latch en Linux (Ubuntu): El cerrojo digital
Artículo de cómo fortifica Linux (Ubuntu) con Latch: El cerrojo digital. El paper ha sido escrito por Bilal Jebari http://www.bilaljebari.tk/index.php/es/blog/5-latch-en-ubuntu
Hacking con Python
Este documento contiene información sobre diferentes técnicas de hacking avanzado y análisis de malware utilizando Python. Se cubren temas como ataques en redes locales, fuzzing, depuración de software, anonimato con TOR e I2P, amenazas persistentes avanzadas (APT), inyección de código malicioso, análisis de memoria y malware, y el desarrollo de herramientas para espiar víctimas y representar servidores en una red. El documento está organizado en cuatro capítulos principales y vari
Shuabang Botnet
Talk delivered by Chema Alonso in CyberCamp ES 2014 about Shuabang Botnet discoverd by Eleven Paths. http://www.slideshare.net/elevenpaths/shuabang-with-new-techniques-in-google-play
Tu iPhone es tan (in)seguro como tu Windows
Charla dada por Chema Alonso en Five Talks sobre cómo funciona la seguridad de iPhone. Más información y detalles en el libro Hacking iOS {iPhone & iPad} http://0xword.com/es/libros/39-libro-hacking-dispositivos-ios-iphone-ipad.html
More from Chema Alonso (20)
Cazando Cibercriminales con: OSINT + Cloud Computing + Big Data
Cazando Cibercriminales con: OSINT + Cloud Computing + Big Data
New Paradigms of Digital Identity: Authentication & Authorization as a Servic...
New Paradigms of Digital Identity: Authentication & Authorization as a Servic...
Recuperar dispositivos de sonido en Windows Vista y Windows 7
Recuperar dispositivos de sonido en Windows Vista y Windows 7
Cuarta Edición del Curso Online de Especialización en Seguridad Informática p...
Cuarta Edición del Curso Online de Especialización en Seguridad Informática p...
Recently uploaded
Presentation of the OECD Artificial Intelligence Review of Germany
Consult the full report at https://www.oecd.org/digital/oecd-artificial-intelligence-review-of-germany-609808d6-en.htm
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays, June 2024 with Maria Copot 20
Dandelion Hashtable: beyond billion requests per second on a commodity server
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
5th LF Energy Power Grid Model Meet-up Slides
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
A Comprehensive Guide to DeFi Development Services in 2024
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
HCL Notes and Domino License Cost Reduction in the World of DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
dbms calicut university B. sc Cs 4th sem.pdf
Its a seminar ppt on database management system using sql
JavaLand 2024: Application Development Green Masterplan
My presentation slides I used at JavaLand 2024
Main news related to the CCS TSI 2023 (2023/1695)
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Building Production Ready Search Pipelines with Spark and Milvus
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Inconsistent user experience and siloed data, high costs, and changing customer expectations – Citizens Bank was experiencing these challenges while it was attempting to deliver a superior digital banking experience for its clients. Its core banking applications run on the mainframe and Citizens was using legacy utilities to get the critical mainframe data to feed customer-facing channels, like call centers, web, and mobile. Ultimately, this led to higher operating costs (MIPS), delayed response times, and longer time to market.
Ever-changing customer expectations demand more modern digital experiences, and the bank needed to find a solution that could provide real-time data to its customer channels with low latency and operating costs. Join this session to learn how Citizens is leveraging Precisely to replicate mainframe data to its customer channels and deliver on their “modern digital bank” experiences.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
TrustArc Webinar - 2024 Global Privacy Survey
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...Edge AI and Vision Alliance
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.Public CyberSecurity Awareness Presentation 2024.pptx
Cyber security awareness slides for a busisness by TreeTop Security
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
Predictive maintenance is a proactive approach that anticipates equipment failures before they happen. At the forefront of this innovative strategy is Artificial Intelligence (AI), which brings unprecedented precision and efficiency. AI in predictive maintenance is transforming industries by reducing downtime, minimizing costs, and enhancing productivity.
Recently uploaded (20)
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
Dandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity server
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
Public CyberSecurity Awareness Presentation 2024.pptx
Public CyberSecurity Awareness Presentation 2024.pptx
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
Asegúr@IT IV - Remote File Downloading
- 1. Chema Alonso Informática64 MS MVP Windows Security [email_address]
- 18. SQL Server 2k5