[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] Application Security Hacking Videos
- To: <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: [Full-disclosure] Application Security Hacking Videos
- From: "Joel R. Helgeson" <joel@xxxxxxxxxxxx>
- Date: Fri, 26 May 2006 17:17:30 -0500
With college campuses being hacked into on a seemingly daily basis, and student
information being stolen and used for Identity Theft; I thought you might like
to see how the hacks are being done, and how astoundingly easy they are. I
have produced a video of a security audit I performed on a local college
website that shows how easy these exploits are. There is also a brief training
on the homepage that introduces non-experts to SQL injection concepts in a
fashion that makes it easy to understand.
Below is the link to the video of me hacking into the college web site using
SQL injection:
http://www.appiant.net/exploit.wmv
Other videos related to application security can be viewed from the home page
as well: www.appiant.net
It's not available from the web page, but if you want to see the video of
Microsoft's response to application security by securing the database:
http://www.appiant.net/sql_security.wmv
No, that video is not a fake; the entire video can be accessed from Microsoft's
website - the original is over an hour long, I just edited it down to ~5
minutes so you could get the point in a shorter timeframe.
http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=31
Any questions, feel free to ask.
Regards,
Joel R. Helgeson
President
Appiant, Inc.
1402 County Road C2 W
Saint Paul, MN 55113
(952) 858-9111
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/