Overview
Explore cutting-edge research on JDBC attacks in this 44-minute conference talk from the Hack In The Box Security Conference. Delve into the fundamentals of JDBC concepts and vulnerability root causes before examining in-depth analyses of existing implementations, including a newly discovered Weblogic RCE vulnerability. Discover novel exploitation techniques for JDBC, such as XXE and RCE issues, and learn about previously undisclosed vulnerabilities in DB2, JBoss Wildfly, and ModeShape. Presented by Xu Yuanzhen, a senior security engineer at Alibaba Cloud specializing in Java Security, Cloud Security, and Machine Learning Threat Detection, and Chen Hongkun, a security engineer focused on web attacks and defense research for Alibaba Cloud's WAF defense system.
Syllabus
#HITB2021SIN D1T2 - Make JDBC Attacks Brilliant Again - Xu Yuanzhen & Chen Hongkun
Taught by
Hack In The Box Security Conference