SqlShare.com Logo
 
Skip Navigation Links
Home
Video List
Classes
About Us
Login / Register
Subscribe RSS Feed 

Confio Ignite

Hacking SQL Server

In this presentation at the Jacksonville SQL Server Users Group, Bayer White playS the part of a developer protecting his application and Brian Knight attempts to hack his application using SQL Injection and cross-site scripting. Then, Bayer will show you how to protect yourself from the hacker and then Brian tries again. Back and forth the chess match goes until someone wins!

Duration:
55 mins 59 secs
Skill Level:
300
Rating:
3.93 out of 5
Publish Date:
February 04, 2007
Hacking SQL Server Watch Video Now  Watch it later!
Bookmark and Share
 
1=Poor, 3=Good, 5=Excellent

About the Author

Image of Brian Knight
Owner of Pragmatic Works :: Brian Knight, SQL Server MVP, MCSE, MCDBA, is the co-founder of Jumpstart TV and SQLServerCentral.com. Brian has written and co-written 9 technical books. Brian has spoken at conferences like PASS, TechEd and Connections. Brian develops solutions with Pragmatic Works to migrate DTS packages to SSIS.

References



Comments
Rick Stein on 9/15/2008
Went a bit fast.

pepe on 10/1/2008
excellent

Paul Kirkham on 10/7/2008
What an eye opener. Great info.

Rahul Sharma on 10/17/2008
Greate video...

rf2008 on 10/17/2008
on watching this video, it is clear that not only hacker can hack but also people with limited ability can hack.

jayant on 10/20/2008
best one thanks a lot...

7727CACFEB on 10/28/2008
Excellent, learn a lot about sql injection and how to hack.

borjonx on 11/11/2008
the guy hacking is pompous & a bit snooty. even still tho, this is one of the best demo's of it's kind I've ever seen, and I've been watching for about 7 years.

Brian Knight on 11/12/2008
:) I'm the pompous guy in the video. It was an act Bayer and I used for the session to smack talk back and forth to make it more interesting but I can totally see where you got that impression from.

Luis Sayegh on 11/20/2008
Good video! Excellent... Thank a lot Brian

rf2008 on 11/21/2008
:) had to smile on brian's commet, thought it funny, also glad to see a very talented guy answering to comments on fedback. sql is good, only for the right reasons, not hacking. rf2008

Vinay Bhushan on 12/2/2008
This Video was brilliently done, Need to protect my site now.

Lars Mikkelsen on 12/3/2008
Great video - it taught me a couple of new methods to protect the sites I create.

James Young on 12/3/2008
Hi Guys, thank you very much for putting this up on the web, I have had some sort of an attack on one of my sites with a MS SQL backend so I am working on preventing it happening again. There is a lot of information in this video and I shall have to watch it several times to absorb it all. Regards James

33FFBFECC5 on 12/8/2008
Good one

Bill Kearson on 12/30/2008
Great job. I need to check my websites. Where on JumpstartTV are the scripts and source code found?

John Echo on 1/1/2009
I could not find the slide nor the documents mentioned in this video

Pete Williams on 1/6/2009
Great topic. I really appreciate the examples provided.

Jay on 1/7/2009
Good stuff. But please please stop saying "right now I'm going to go ahead and....." it is cringeworthy outside of the USA. "I will..." is sufficient :)

Daniel Jordan on 3/2/2009
I learned that I have a lot to learn.

Paul Tormey on 3/10/2009
Well done. Is it possible to get the detail in a document that we can go through to understand exactly what you were doing? You can contact me on paultormey@gmail.com

Chacha on 3/26/2009
Excellent. Need also to tell to developers not to use KeyID (that may be exposed to users) only to update user data.

Marcus Hopfinger on 9/18/2009
Must watch for DBAs and security people AND developers as well so they know how to build better code.

Manish Sharma on 9/30/2009
I have note down maximum things from the presentation, But it would be very helpful if I get the PPT or some documentation.

Marcel Roesink on 1/13/2010
Very usefull for starting developers (students) that have to learn SQL and web-development.

Nuh on 1/21/2010
Very Nice, keep going

Nuh on 2/16/2010
Actually this type of weak shells are used very very rarely, people are smart now, but I do agree that there are till now 100's of site weak enough to be valn'ed by BSI. Nicely presented, but abit fast.

Mike on 4/27/2010
This was very helpful for me. Thanks.

Sarabpreet Singh on 5/1/2010
Gud One ;) Excellent



Must Be Logged In
 

How Do I Become a Video Author? |  Newsletter History

Copyright © Fourdeuce, Inc., 2005-2009. All Rights Reserved | Privacy Policy | Terms & Conditions