[Dailydave] New Talk added to INFILTRATE page! Yay!
Dave Aitel
dave at immunityinc.com
Wed Jan 9 16:12:00 EST 2013
I often spend my nights watching Grey's Anatomy and refreshing the
INFILTRATE page over and over. Last night
http://infiltratecon.com/speakers.html added Miguel Turner's talk on
exploiting Blind SQLi.
We had a talk at INFILTRATE 2012 about some of the preliminary steps for
making Blind SQLi useful - in particular, we do N-GRAM prediction to
speed things up (i.e. if the first character is "l", then the next guess
is for "localhost"). This makes a huge difference. However, over slow
networks (aka, "in the wild") this only helps so much. Unless you have
all year to try to look at the database structure, you're going to get
nowhere.
Until....this year's talk. :>
We at INFILTRATE HQ like talks that go beyond "and then you add it to
your consulting report". In fact, I'd go so far as to say INFILTRATE is
a yearly celebration of such things.
-dave
--
INFILTRATE - the world's best offensive information security conference.
April 2013 in Miami Beach
www.infiltratecon.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 266 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20130109/8c0e283f/attachment.sig>
More information about the Dailydave
mailing list