|
|
|
Security Researcher to Unveil Database Server Hack at Black Hat Europe
By: Brian Prince
2009-04-02
Article Rating: / 1
There are 0 user comments on this Network Security & Hardware story.
A security researcher plans to demonstrate attacks that use SQL injection as a stepping stone to take full control of database servers at the upcoming Black Hat Europe conference. If successfully exploited, the attacks give the hacker complete control over the database server operating system, file system and the rest of the internal network machines.SQL injection consistently rates as one of the top vulnerabilities
affecting Web applications. But for all the attention paid to it, one
researcher feels the full impact of SQL injection has yet to be
fully demonstrated in public.
This month at Black Hat Europe, security researcher Bernardo Damele Assumpcao Guimaraes
plans to rectify that by exploring ways SQL injection can be
used in a multistage attack to threaten your internal network.
The presentation will focus on how to exploit a single vulnerability
in a Web application to get complete control of the database
server and endanger the internal network as a whole, he
explained.
The vulnerability itself can be considered as a stepping stone to
the actual target, which is the complete control of its server, either
operating system, file system or the rest of the internal network
machines, he said. Once the attacker detects a SQL injection flaw on
the Web application, he can manipulate the SQL statement that is passed
from the application to the database server, which is then executed. By
abusing some database design flaws and functionalities it is possible
for an attacker to perform a multistage attack to get complete control
over the database server operating system, file system and internal
network.
His presentation will cover MySQL, PostgreSQL and Microsoft SQL
Server running on either Linux or Windows in combination with the PHP,
ASP and ASP.Net Web application programming languages.
Among other things, the attacks he will demonstrate can be used to
achieve file access on the database's underlying file system and
operating system memory protection bypass.
As is standard at Black Hat conferences, he will also be releasing a tool in this case, a new version of sqlmap -
that can be used to launch these attacks as well as an exploit for
a vulnerability affecting Microsoft SQL Server that was patched in
February. A whitepaper on the hacks is forthcoming as well.
In general, to protect themselves against SQL injection, enterprises
should look to harden their database servers properly as well as
maintain a commitment to the security development lifecycle, he said.
They should also look to implement well-configured Web Intrusion
Prevention System solutions based on anomaly detection, the researcher
added.
There is still not enough attention in the software development
lifecycle to security, he said. It's an easy-to-detect flaw and can
easily lead to data exfiltration and manipulationa lot has been said
on this specific vulnerability, but not all of the aspects and
implications have been uncovered yet.
The Black Hat Europe conference will be held in Amsterdam from April 14-17.
|
|
�������x}r㶲s\@♵M푦dKbY^fI*�EB�c"){�e��oВ/3m��Fwh4#oo�D.]ݴ1ܦd���胿O$w�}���Lj9UQ#C3W)9bPg�34mZΠN@\��~}@^}fw��D%x�_'Щ=ѩ:wɄZIPQۗ>}^~l�.hrL⎲IlG
t�uO`aZN<�QfERΎȏ�mm$oQX}:[S=2tS�[�BT!|DJ%h�!�G�Qus?;~'�f^��B(ƻ�F {iZ�Gdh�vu=yͰ
{�� /�\1r.b,ѽ;�@M*6��L=TVE�;&�3Ãtf?D���k��N\^"Z�Sˆ螥��ɧ5�f�5I
�`�1l{`�2�E%$�7
V�.lq���7`=Ķ|h��:�]�uh?AuoczV[u�wcϝ;�{I�V%X䄍ER'�>6O(�|@?�I
�uBģZ�r$˺79hm�wy�a�kjtU�P)�^�}m˙p*sgyÝ3j۟]*eU�ӻj_\H�QPw;w@�ږV�a(:ӛn{'Wݏw~@.�{A~�$Vj��}�&
D%\.�I&0h�5&�ttXB^�,> x�[�n9,��4E;
KHr�gSd!XI#/YTU9Df9iNMҺnoڽ�N/Nnڭ3do̲5<�JEӀ��Z�vf�!?[�۳5mٽ푳
i>O[=dO#t: +?;VV'_ZUCp3�['^=:$z>54�01\�]Z-�Jj=2�iuL�xe$Y-r$\;�;Beu#�77g�$̛cM�|�Ip6L2T��c��]N�jGo_[ ZPĿ� G/<@'D5kSf�M�r,e��g{0@�M)��61t�k
�3!RBʼ��ۤ%/^(P%!P샖_.[�
jFTwIQ��Q#�=^f/\��RRG��1�Al8{ØWҽT7wsY�iغ�|08�NכUsN�VVt]ۻ0eя0-*�<�ZVW.~zy�8^%g�5F8�,i�eݴ%!�8WG5MGR>Mfz\�CU9-|�Qnl�:2X�
jX1nґ>>�Ӂ��AkӧIΎ|Z�ꎓx�>:AGA�ticš�h/@7&��h`C}ҍ:L���
wG|h��x:,,Abχ�&a`M?C0CG�E�6]�LR}>t9q�HhS0<�zw0[[S衟�#j{t(
u�,/��{@`\@�8�Hp�yY?9���>�o ��gk
6G~[>l0��s�yF�@i0x�z�dQJ
d��� 4.gP)AH �=��� \��99Y�
�ŊH~ޑ�vZ*&R��P*m=!ԑt݁Z*}.�gR1eb -d[b�~I�l�
eV&vϏa[LboD��6�]�,�S�mo3-m�uk�{XT5\O4MhFa�f�z{@ZWgޓe�K0w�?e!1s WQ�'&�s�?�\
��A\�:�f�fX�fZ1k`Ba�Ǻ@����2iISˁ�2&$rTD��L˄r&�6`g3ۢf0�8�鶉�s3t7N{�=p
�TfЬ||=厬m[4�@~.&](LuΩ�J�J&��k:HX3�j-y�s�pm
Os1r@@S*SN�T$�3�Q2}�=�˧�L)Eۋ�)I
SX-��8G4W- �'ٲZbY6(U7v/KƠT:�?oWu�R@�H�oh��m_eƠ�umLGi+-m"��
IPצ�(X�ke�zdxE��6*�&Cä
7
Py�\�{8`O�>7l{`(`R55 )Kۊ0$V-iV'fڹcK �l� �J;4
H�`�:wbbˡ\2�`NSw�AsmCz3O�D�dt��X*�bфː�l1��JoX�*,qRhjUMlbs(1@�/��ŵa�a�{�1rt\�b:tgyuؿ\Y�Z�îtՐүhM泛Vp��vG�:Le�"6X#�e/6�gWKH�Z`"o lX.)�UiH~�5<2.eX"�{��>dS�Oas,H�ҘЫHr�%&
gziDe�,\o秺�
#ؕGaWAܧ^۬a�D��e�80��C�-��Ko3=]wlSIBn�u
RN0C)Xk;���>=c"}Nt8�#H�u�~H�Lb�6Р����R�@�U.(L1�9�r�+b*X[8�P�:T�#;$ᦼ6t�߁Ē�:,C�5�P{Í{c�?4�]U�f�W.�̇�G>pZ�L�cv"O`��Q$O-pv�έ>]Ik0�1Sle`Sxt(�b=X7\U4Uud
XY 0�X>A,C�a&:�`B��E���lMc�M!y@{�y.WԲ'*+&�5b3�4��JmBښQ�2�ϡpjMFMS؇Qcm/jR9�Tڞ5^��ߜ]hD1(dQ@4@�]d�C@�3xbbU?3�>(l/M3$J1N�*,7ATSetjC<ϤͬN[,|ˀ�;7�um?\YKq\5PϦ�7|{k��D^
�>W9.^ٸ�Ĉ�ڗy;@<�uUJ _2X vL
C�s�#�d{���E;"qD�d���Ŏr�P=(RP�s�0:u+U��a-0/�K��)�K4�=�D"p-n�ōq\�zGdD"9�=!�?�=#x�0.{RJJ\�
$J+A:er,×v8TU��My�Ü**C�jM�a10r�n-sqI�['�۳ WLdSdP�R֬vӲ�K�&;bR/\v ?�+ZT�U.R`�U!7TQ_>ƞnR� X%7&^iZM$>JS-B�trQR5o�TbPQKJBgQ�!WfA#'.ɢ6A)M`8��hs%�sp:'S6PFz�ʇ���!I#�yF0×!��w�g�O@lB�=2�Œ�tH]66��1cn/`2N4{`�\%]-XǏt �Z:L�tS6dU��iZU
ՂVE'�پEmA(qd:)iQ}}ōaY�����L)߱~�9��C\Դ"hw
ĶRs'̅B:i�!`��X~VK�(��,�~w9ـo�|\V*
�rF2�R@BZNbNx<'�b$ /pLa��V*��79o~.RȓC+cI`���_q��n0DB*nLpgGccb^fsa`�zY*o��P�$�/I4]S2��:;Abd�zG]Itmٿ8"�ŞuYӾtXL8�t_w\uWGA\� ^->{q m4
}Uj_5[�17�WMip�-6z 5>6�
�`i8~{L(}ׇ?{9�Eul_K7�mu���-o�dٞD4|w;�Nqs�_>^voqcrپjI^k ��R}~u�yu4�"$eq�{hq0)MF�d0S�5!�xidL�i���-ҽin8`pR|0c-ɅHgbl���fa�oDq4a2yy�_aݪ�,d20�!&�Wtz�Z��E9����ǀzB�:�l/�ci%l9[(�
�`M/Щ
cA�LF�rEl&zRG�>egi�9/QANQ�):�*9Q{_[a8kѷo9Aߐ>O1Ok7�tE�dW(���h,�:fsF;H�d�Nlp
j_{`eSr�Fv�4/�E/p�ǻ��"Tc�8L,ӤN)fTD�xi'>(]ax!wl(q�%՝b"n(SAٺCO�,4m�SsS)��" �m$jRSfj�# $_2�I,v+6htlAz j��Ú�]e�/.iwwn�_"�,X-�WY+̦#/i\A1ۧp"�,GDd�CT䵤�
g[UHN~,j�#�81
t<œD�? "�rD.aC=?V��V$Mݝ:V0�i;F��Ɲ`/#�9ʼS�yaZ� G�Ww
./�v��}`Nȣ&k{��>�d̎Ƅ�{`s�k@לO(|sE3��<�l�]}��`�<��Up"|%a�xL}V3]vY��?{xX�T�D14'~4>/@
�̯�>���H-@^���=FoQ��p]9Qz AC~ol3r�~nהa4�}Fp?�Koҽ{᧥}e��rtS/TR{I6ӱ$BUUk
ۻ�ʾZEVe.tՓ^t9>r�X!��,F��Jf�z��Ӽ2hAh�l�3�O7�C]j`l_s1T��7?_gpKw�
�zK>+-R!ekE��wW�UKK��7ʲ�E�'%:�mחF�}
BĬh�wzQ%Fm?^��ϗ�t8/`8[&?�6#,eԢvXɇ�&Lj�3j+�dXZ���wy��<�e҅��""K5r`mj[�iC8ܴ`pՌ瞔v���QcX`�BE�D>aɬÐN��yEBR�y:�c� Զa�JY-'q;Y`�p�frI�O~U�|دƗ�Գz.$kO?*〜PfaA�K{�Cg̍�V)P��L܌g4:W�t�e)eU�"Ml=Q�gCpT�dP�%�;F n*��r9�:){�%$K~w2�g@V���\�zLet(�P6?1ahςn�x_1j�ğՄH��L@-H�rF"6|p4uYDx>�S1�EKأw�e0ZNzcuU�aA0A�Y
woR�[JX,d|?ɒ+v�oW�H\�JCyc�"[RX3�n8jA-ʼn/(hCr0F*�&"�Y%���N�)�R9E,�1 �L<��eH1!�0nS/�X3�Jk-
e�ъ�
VJ�V<ˏ�W�/GpؼI�~$#ggj3b,��(!e(�&Wk7OwjE\)'V��.)n o�)rS2:N�C=tmSO��G
+�N��H�dRtxXB\Ũ�:W�,H�\�A'!8i;"!t��pLR�)�u)гR۫E�ߠ�K*շt�=51;nnHRK om0-`{Bw
I+U%e�O�<#"1(�"�f~�Z,�G*5�zf̡%Uۖ9
/n1! \�R�R_lirQ�KsWDtiB(Ae=A(<�Ba+sp(.�QX.w�%"�mt1,r|�נ�%�}':üRon�ΕtCy8Pz�+cD=�tN]<"Ĥ2O1����Ac�x-z�Dy"!O|q'�,!�jmy��\Hg�ΌĘvSj{j3f����*4u��#�sT*ce��bm�_0!�&�`�${�ߋ&$ˎ�V�X-_|q0��n\7�vOV_dL��j��D� aVL�uMۣ�b�:?;0L�&ht.Xc4
>0-R`-��A�.�
� ��뫗"nXpQnH5b-I�e>[ЋLs�n
G ��|\Iݞt]�� bf# �8\��8[yl#��q��~&/376B=^gؒ1bLѯ/ǾYHmR�B0uO:�J8f�bGZDo9>/�l� I��1ݹ��]v
k�vי�'=<((�9c$�$�B'i蛙��c൨ ܋�BkOk-M^ĕ�jã+Ek11yxYC$�D� @$�"!x6㫐k�D3^ޒU!fT[Č&�F�A�g2+"3Яgn�/u{��roZ
50aB
zPh~~DKF 6�$lFM/q �Zd^n/FKCܒ_̃a7E�b?R�=�$3`Ԋ(
&ܻF:?f�_7.K{~i[��~}`i˼
|
^N�ړ-iİO:h��{8R[�xv1LyC15À�� Ous��wχxqS|;#D�<)fF<�@�ƏLຶh;�bwm=�Vڹzq� yK-y�-�J4s�577�ںs�yr�jLx�<ڢ
R��fcq�R�2ߞ x��lSaZG ~�r�ɗ�W*1̶!rB�RR,Cy^�)߲+UMhբ
fG@VT9>�q3Jn4rxjeԯ,2Xqe�c=�Hy1y�RI+��-ݳ�a3��R`cPߚRF�LtxZډ�BL�{?L�~�Ӄ�@�g?<��fl9
c;ZV]M�%縆^:]L��
NV�&_aw��ᷭ���kd\ &0ڱ�J
R
ݛ9�h̡j�4Z�u-u{
cD̋:��S�%gef�0̊�ےV�o5J�ۥ]�aiJ"%N'0���ݱtOX�%�#�5,�?_J }+6Q�^_�f�VܞVk}wA_7��O}bRaUh9!mF6(hd�tix��gL7�ǘ�x�a*1aV
eզٝ$7�zg�d�\BVU�'r�&
�*�5�;-[6g `���:�&���)<|]С����r@JoIgo 4�? ��Pm̼@GBSxq�&�㷷Gd.$�'�k3`x sF@Yj$O�G���P5�6��:X C}IZVߺ顇U C�y|Q_[^ \�<�yS]\��h���T��L9�A <8$�EuE)�dwƻ wKy�\v���f+^ Z�؟�ްn�"ķ�
|$rkqC9ҔEZ盫r�0�Iݾ`?Ð�s�{VCU�Z"�dR1��@Q>�~1&gV3!"�&L��6@@P0H��7׳@%iH
1����#y
19��SLv� GPbC1w|춯�[/� T6CĊ�1�gGi>'_@�HM*N氀.JgU��E�t�03�7���
c�!�Ĕ�v7U�I8�F��0S�L\f�����F�"O�x�}:;�j��ܕiV�)Ln
0�Y:oN���*r ��P�:ςX\b�@Ԑ0��(VIB�u�XRFB(�s�
��6f&H�glulb����@�h),f,�TՊR
&uU��!2,��=VR<�>śAguU�q VH+�^@0��3�:�%
I�$͈ɵ?ѝ�24/?
iV>Nov.xf
Zӷptԝsm~:^:k_oW\`&hT楾��,g6OFY�i1;eNq(g:cͅfU�,x��e�^/J>�MSœ(o/��E_C�ĨҫSa0L�7͛VeS+��?gg:^Z3r�ZOm|ӦoJ�c~*4=V0.8���SD^u'ݫV�n�2g(9W(5�o66S��](f#77�VF)n.?�e��PasE;Who.o7sv3��gW�vF?2?A�2�>vNt�N��ɂ�dз�dЧ�w2�v2�Oѫ�>Bnj�((�#�坌r�߫�ʐ+�B�f.n~�kx:����{/�>_?@/?�}P1�G�BmV9m�B��f_ry���rָƅ)��IFy)W?R�E�rXB]e�By>++P/Үw3��:�?3/�z�^�}NV&n3��^a芪g-5n�
ǸJuv��^_A�5KHe^ۛT#GPYpKxEó#�#�h��toĶ.�p��&}:=Wvl+Jy.*ܲ�}:QOXE)9K8G#i@�A�ק3�{�"X�
½p'�eybn�AR-c�#}~�L(����(W].�6pqSݮ'% 5`
�nsOkr>uK2[~|^YlفGh��5�OK�WY�-J�aġ�$[�=r|Fއ^V՟p3�jlc}k~i?W�;usո�\7[3
쓭/>AͷDV�)pF ;F,R+|c ,~Q�?Ѱs7�3@�z:}K=s�~oc�us`��Hn6�J墦�
V˕R;~O;A"����(&0#&T$`v�X��rF(�RB�4|O۴W)]7tSsc<{�+4��аY-}�"z5��~L@-1k"�/c�A6of)3^8��6սD<�gM~
o2P�e ��S�7��J�,��{�3ŨD@3�ŝ�_�p1iR�
��{{�[1g7ډ�e�:��鴕q8Sc��ӄ�w�Y!Dü��x�4@{4�Xr(9Pų�l1@x�T z�d�Ldp!gB-Kt�mHe�D�˦U&K�;��Sx�CQ�Yqǭ�d<@T6?�rنwr$K4]$ǖ�~}�I�\=u{Ī�]�E�}GQ!je>WM]x6�,0�G1i��lK0]AS�փM�Ί��qM
&H�O´kDwYc}|Oi3A �i֠}փ��D#iZ#Xnƀ_@o=,N7"fG9p=�y
x��_�˝ܔ0b�pa`O�j"X�cM�Anӵc�X00w]Ww�-e~K5 D 9bw5-2DŽ]
&u'
�g'4WBMx:�Up6�E�'Є2���a���9ao5RFXk;MA5c>l:h}t[w!$J��f;�W1^{
#�E3dư�z<
�RƠC)�e h
km �t^wkdU9ْ7?�A�Sh4�Wϛ5���eXI%�i{j3鱻E>�H[aʹD.v
;H3SY,�> N_d�v�O~%�B+π!-sD��?�>K:[S1U)֒�_6/gw�ǁ;ysԷeEQ&PL��¶c�)Jqk3y�HRݤ#��9"Ź
oPm��J���0wG�ws�Hj(t��I`_P�&)1��|�j7;�1�Teu,s(ŬBSd��=�)O?6n'[nEG\��<>b�i$x��yc<�%z�nG}��û%:Ɛ�=ۭ���)0�p,\f�@�6�C|�eKo��z[���5HJ��F ϱɮy*�3@FWD0;"����im�KE�%&(Xp\'A6Ιl�;.�\�r"#�<[_ڵ<�ok3�)+o[t-(�5x2{n�6�m˟�~HױI�5�"`:�+ʕbA,\�n2?>Ş�i#|��@ w[!R�k�+W�ei$ցi��>�n)ZF#,c<��ԭ<�P0��@~c.vz]�nJQXƦa#�QaW:�67�n
M�ywDL\7o]e�#�AP1W�?&Il}�r�a�lX���^|+��o3Љe�;3Ganm,eH&}kqd.GD�I
qk,�Ma4,Lb5��"[]QI�(`�vX�3�|"@a)5\BLN�So
3pRaL �� b[и�gvC�%�=w۲ �0qm�r�?09�&rX)>�6�s�3��ς �ix�v�4
|
Network Security & Hardware 
