Black Hat Europe | Advanced SQL Injection To Operating System Full Control

This white paper discusses the security exposures of a server that occur due to a SQL injection flaw in a web application that communicates with a database.

Over ten years have passed since a famous hacker coined the term SQL injection, and it is still considered one of the major application threats. A lot has been said about this vulnerability, but not all of its aspects and implications have been uncovered yet.

This paper's aim is to collate some of the existing knowledge, introduce new techniques and demonstrate how to get complete control over the database management system's underlying operating system, file system and internal network through a SQL injection vulnerability in overlooked and theoretically not exploitable scenarios.


The SQL injection attack is not new. The basic concept behind it was described over ten years ago by Jeff Forristal in an issue of Phrack.

The Open Web Application Security Project stated in the OWASP Top Ten project that injection flaws [58], particularly SQL injection, are the most common and dangerous web application vulnerability, second only to Cross Site Scripting. The question now is: how far can an attacker go by exploiting a SQL injection? This is addressed in this paper, and much, much more…

Download: BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf (472.7 KB)