Welcome to the course of “database hacking”. In this workshop, we will be extremely focused on talking about tricks and techniques used for hacking into databases and underlying operating system. We will also lay down the general and core concepts for understanding the databases, like how they work, why they are used and what are the known vulnerabilities or weaknesses to exploit and gain illegitimate access. Microsoft SQL Server and MYSQL server are the two main database servers we will be discussing.
However, we will also cover general hacking tricks that can be used in order to hack into any backend database servers. We will consider if live hacking sessions are possible in a live environment which can be shown so that PoC is presented. However, we will cover home lab setup so students can build at home to practice the hacking skills taught in this course. We will also cover Structured Query Language (SQL) which plays a key role for security researchers and in our experiences a security professional or researchers is not considered expert if he or she doesn’t have any solid experience with databases and SQL.
This e-book contains text materials from the course.