excellentolz.blogg.se

Download havij sql injection tool

This content is now available in the Pluralsight course "Ethical Hacking: SQL Injection"

You know what really strikes me about a lot of the hacks we’ve seen lately? It just seems too easy. I mean we’re seeing a huge number of attacks (an unprecedented number, by some figures) and all too often the perpetrator is a kid. I don’t mean that in a relative sense to myself as I get older, I mean literally a child.

The problem, of course, is that many of these “hacks” have become simple point and shoot affairs using freely available tools. In the case of SQL injection, tools such as Havij mean that even if you don’t know your indexes from your collations or your UDFs from your DMVs, so long as you can copy and paste a URL you can be an instant “hacker”. In fact I reckon it’s so easy that even my 3 year old can be a successful hacker. Turns out that’s not too far from the truth:

See how easy it is? Let’s move on and let me give you some more context around the ease and prevalence of these attacks.

Firstly, remember that injection remains in the number one spot in the OWASP Top 10. What makes SQLi particularly dangerous is that it’s classified as both “easy” to exploit (which I think we can now all agree on) and with an impact of “severe”. How severe? As in the example above, SQLi can readily be used to access stored credentials in a vulnerable site and even though these were salted and hashed, they’ll easily fall victim to a brute force attack. Last year it was SQLi which brought down Sony Pictures and it was also allegedly SQLi that was behind this year’s LinkedIn breach. It is very, very prevalent.

A quick look through YouTube and you’ll see tutorials such as SQL Injecting With Havij which is notable not for its content, but rather for its presenter. As well as the guy sounding like he’s about 15 years old, it’s also clear he has very little idea of what a SQL database is or even how Havij actually works. This isn’t a criticism of the kid per se, it’s simply an observation about how accessible tools like Havij are. YouTube is littered with similar examples.

Now keep in mind that Havij is a tool that “helps penetration testers” and indeed ITSecTeam who makes the product is a legitimate security firm. But – and this is a big “but” – do a quick search on YouTube and you won’t find too many videos from penetration testers nor will you find many comments from people with a vocab broader than Ari’s. No, these are kids just looking to smash and grab whatever they can from vulnerable websites.

Of course Havij isn’t the only tool of this kind, products like sqlmap are also extremely popular and in this case, also open source.