| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri May 26 23:17:47 2006 From: joel at helgeson.com (Joel R. Helgeson) Subject: Application Security Hacking Videos With college campuses being hacked into on a seemingly daily basis, and student information being stolen and used for Identity Theft; I thought you might like to see how the hacks are being done, and how astoundingly easy they are. I have produced a video of a security audit I performed on a local college website that shows how easy these exploits are. There is also a brief training on the homepage that introduces non-experts to SQL injection concepts in a fashion that makes it easy to understand. Below is the link to the video of me hacking into the college web site using SQL injection: http://www.appiant.net/exploit.wmv Other videos related to application security can be viewed from the home page as well: www.appiant.net It's not available from the web page, but if you want to see the video of Microsoft's response to application security by securing the database: http://www.appiant.net/sql_security.wmv No, that video is not a fake; the entire video can be accessed from Microsoft's website - the original is over an hour long, I just edited it down to ~5 minutes so you could get the point in a shorter timeframe. http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=31 Any questions, feel free to ask. Regards, Joel R. Helgeson President Appiant, Inc. 1402 County Road C2 W Saint Paul, MN 55113 (952) 858-9111 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060526/b921fa19/attachment.html
Powered by blists - more mailing lists