Explore cutting-edge research on JDBC attacks in this 44-minute conference talk from the Hack In The Box Security Conference. Delve into the fundamentals of JDBC concepts and vulnerability root causes before examining in-depth analyses of existing implementations, including a newly discovered Weblogic RCE vulnerability. Discover novel exploitation techniques for JDBC, such as XXE and RCE issues, and learn about previously undisclosed vulnerabilities in DB2, JBoss Wildfly, and ModeShape. Presented by Xu Yuanzhen, a senior security engineer at Alibaba Cloud specializing in Java Security, Cloud Security, and Machine Learning Threat Detection, and Chen Hongkun, a security engineer focused on web attacks and defense research for Alibaba Cloud's WAF defense system.
Overview
Syllabus
#HITB2021SIN D1T2 - Make JDBC Attacks Brilliant Again - Xu Yuanzhen & Chen Hongkun
Taught by
Hack In The Box Security Conference
Related Courses
-
XRP Raid Protector - Killing A Critical Bug Worth 40 Billion Dollars
-
The Best Laid Schemes - Attacking URL Schemes
-
Cache Side Channel Attacks - CPU Design As A Security Problem
-
Improving Unicode Attacks With Deep Learning
-
Exploring and Exploiting the SQLite
-
In Depth Analysis of Multicast DNS and DNS Service Discovery
