Defcon 22 and 23

Hacking SQL Injection for Remote Code Execution on a LAMP stack

Remember that web application you wrote when you where first learning PHP? Ever wonder how vulnerable that code base is? Through the perspective of an attacker you will see how SQL injection can lead to data loss and system compromise. This presentation will take you through the techniques and tools used to take control of a PHP web application starting from an injection point moving to PHP web shells, and ending with a Linux wildcard attack.


Intro to Backdooring

So you want to setup a back door? Have you ever wondered how its done and what you can do to detect back doors on your network and operating systems? Ever wanted to setup a back door to prank a friend?. This presentations will do just that. I will go over the basics of back doors using SSH, NET CAT, Meterpreter and embedding back doors into custom binaries along with the logistics of accessing them after they are in place.