A little over a year ago I presented at SOURCE Seattle about SQL post-exploitation; discussing things that are still possible in the MS-SQL environment, as well as those techniques that people seem to have lost or forgotten over the years. One of the interesting things to come out of post-talk discussions with attendees was their unfamiliarity with the default Extended Store Procedures in SQL, let alone the fact that it was possible to create custom Extended Stored Procedures.
After some time had passed I was still getting asked questions, both in person and online, about some of the additional techniques that can be incorporated into a SQL post-exploitation methodology.
I’ve put together a presentation for the nice folks at ToorCon and I’ll be delivering it this Friday (October 19th) as part of the ToorCon San Diego pre-con Seminars. My talk will cover traditional post-exploitation scenarios as well as a proof-of-concept toolkit and techniques for turning SQL into an attack platform once a foothold is established.
If you’re in San Diego this week, come join the party…