Detecting & Exploiting SQL Injection in Restful Webservices null Bangalore Humla 28 February 2015 Detecting & Exploiting SQL Injection in Restful Webservices
Abstract
Injection vulnerabilities exist within web services as well although seldom detected and exploited. We will take a look at a simple RESTful web service, discuss various web methods it support and understand data flow.
We will then take a look at detecting and exploiting a SQL injection vulnerability, accessing the backend datastore and exfiltrating it using the browser. This will be a hands on session. Participants are advised to bring their laptops.
Speaker
I like photography, stargazing, collecting stamps and fishing.
Timing
Starts at Saturday February 28 2015, 10:00 AM. The sessions runs for about 3 hours.