Null offensive hacking hands-on training.
Proposed sessions for this event:
- Detecting & Exploiting SQL Injection in Restful Webservices by Riyaz Walikar
Injection vulnerabilities exist within web services as well although seldom detected and exploited. Session will look at a simple RESTful web service, discuss various web methods it support and understand data flow.Session will then take a look at detecting and exploiting a SQL injection vulnerability, accessing the backend datastore and exfiltrating it using the browser.
Humla Champion -
Riyaz Walikar - http://swachalit.null.co.in/profile/10-riyaz-walikar
Hardware & Software Requirement -
This will be a hands on session. Participants are required to bring their laptops with a browser to attend this session.
|Saturday February 28 2015
|Detecting & Exploiting SQL Injection in Restful Webservices