
Capturing the Flag, SQLi-Style

timothy posted about 10 months ago | from the slipping-one-in dept.

Databases 24

CowboyRobot writes "Penetration tester and long-time security professional Sumit 'Sid' Siddharth has developed a real-world SQL injection sandbox simulator, and invites the public for a capture the flag event later this month. 'The only way you can understand the true impact of vulnerabilities is by practicing exploitation. Even vulnerability identification goes hand-in-hand with exploitation,' says Siddharth. 'Sometimes identifying the vulnerability is really difficult, and it's only when you know advanced exploitation techniques that you can do so. We've also put together some really nice examples where identifying the vulnerability is really difficult, and we've asked people to find the needle in the haystack because that's how websites get compromised at the end of the day,'"

24 comments

real world (1)

Moblaster (521614) | about 10 months ago | (#45153973)

Real world SQL injection usually ends badly. The last SQL injection that actually worked in real life was The Empire Strikes Back. So yes. I agree. SQL injection is usually a disaster.

Pitifully... (1)

cyberpocalypse (2845685) | about 10 months ago | (#45154017)

Either his site is being SQLi'd to death or he is being /.'d; ctf.notsosecure.com no worky. Maybe he can come back and monetize this CTF to include: "How to run a webserver while being visitedDoS'd"

Re: Pitifully... (0)

Anonymous Coward | about 10 months ago | (#45158391)

The sqlilab access is controlled via a VPN gateway. It's not a public site, but we have a series of apps on the VPN lab. The CTF will be on a public site and yes, someone might be able to DoS it and kill the fun, but what's the objective of doing that?

Overall the ctf will be fun :)

relevant (xkcd) (1)

Anonymous Coward | about 10 months ago | (#45154031)

Re:relevant (xkcd) (0)

Anonymous Coward | about 10 months ago | (#45161203)

Okay, but this had better not be the Bobby Tables one again ...

Re:relevant (xkcd) (1)

wonkey_monkey (2592601) | about 10 months ago | (#45162049)

If you can't tell by the number alone, get out.

Requires Credit Card or Paypal (1)

giantism_strikes (1887188) | about 10 months ago | (#45154079)

They are offering a free 30-day trial as long as you give them payment information. This is the same as all of the "Free Credit Reports" that require you to sign up with a credit card and cancel at the end of the free trial.

Re:Requires Credit Card or Paypal (0)

Anonymous Coward | about 10 months ago | (#45154201)

Also he is putting that information in a sql database, and asking to have people inject his site. No thanks.

Re: Requires Credit Card or Paypal (0)

Anonymous Coward | about 10 months ago | (#45158247)

The SQLi lab is hosted separately from the CTF site. When you sign up for the SQLi lab you get VPN access to the lab. We don't handle your card data; it's processed by PayPal.

Re: Requires Credit Card or Paypal (0)

Anonymous Coward | about 10 months ago | (#45158313)

Where did you get this info from????

There are 2 options:

1. Pay via PayPal (securely) and get 30 days of lab access including access to all solutions (video and PDF).

2. Register for the training class at Black Hat Seattle, then you get free 30 days access.

Hope this helps

Re: Requires Credit Card or Paypal (1)

gl4ss (559668) | about 10 months ago | (#45162773)

oh so it is "invites customers".

aaadveeeeeert. I thought I clicked the checkbox for no adverts.

Who still writes SQL by hand? (1)

NewWorldDan (899800) | about 10 months ago | (#45154117)

While I do write some stored procedures, everything in the application is done through a data access layer like EntityFramework (we're a visual studio shop). Now, XSS attacks, escalation of privileges, and any number of other web based attacks are still a big deal. But SQL injection is the least of my worries. Is this different elsewhere?

Re:Who still writes SQL by hand? (1)

CastrTroy (595695) | about 10 months ago | (#45154227)

While I think that object relational mappers are great for simple CRUD operations, I find they really start to break down once you want to do somewhat complex queries. They can get the job done, but the biggest problem I have with them is the readability of the resulting code. SQL is much more readable than the equivalent for more complex queries.

Re:Who still writes SQL by hand? (0)

Anonymous Coward | about 10 months ago | (#45154621)

Even if you don't use an ORM layer, every popular web language I know of has parameterized statements that will do all the necessary escaping for you. Of all the classes of vulnerabilities, SQL injection is really the closest to a solved problem where any vulnerability is the result of extreme laziness/ignorance on the part of the developer.

Honestly, this seems like a weak version of the excellent Stripe CTF [stripe-ctf.com] competition where SQL injection was just one of the vulnerabilities that you had to exploit.
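As an added example (not from the article or any commenter), the point made in the two comments above, a data access layer or parameterized statement keeping input as data, shown with Python's standard sqlite3 module: the string-concatenated query beside its parameterized replacement, run against a small table constructed inline.

```python
import sqlite3


def make_db():
    """Constructed sample data: an in-memory table with one admin and two users."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, is_admin INTEGER)"
    )
    conn.executemany(
        "INSERT INTO users (name, is_admin) VALUES (?, ?)",
        [("alice", 1), ("bob", 0), ("carol", 0)],
    )
    return conn


def lookup_concat(conn, name):
    """Vulnerable form: the caller's string is spliced into the SQL text,
    so quote characters in it change the statement's structure."""
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return sorted(row[0] for row in conn.execute(sql))


def lookup_param(conn, name):
    """Hardened form: the statement is fixed and the value travels separately
    as a bound parameter; the driver never interprets it as SQL."""
    sql = "SELECT name FROM users WHERE name = ?"
    return sorted(row[0] for row in conn.execute(sql, (name,)))


def regression_check():
    """Defender's regression test: a quote-bearing input must match nothing
    under the parameterized query, whatever it does to the concatenated one."""
    conn = make_db()
    probe = "x' OR '1'='1"  # constructed test input containing a quote
    return {
        "concat_honest": lookup_concat(conn, "bob"),
        "concat_probe": lookup_concat(conn, probe),
        "param_probe": lookup_param(conn, probe),
        "param_honest": lookup_param(conn, "bob"),
    }


if __name__ == "__main__":
    for label, rows in regression_check().items():
        print(label, rows)
```

The test input is the same in both calls; only the concatenated version lets it widen the WHERE clause to every row.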

Re:Who still writes SQL by hand? (0)

Anonymous Coward | about 10 months ago | (#45154235)

Nope, we use hibernate, and it does a pretty good job at keeping things sanitized. PHP programmers?

Re:Who still writes SQL by hand? (0)

Anonymous Coward | about 10 months ago | (#45154315)

People who make SSRS Datasets.

Re:Who still writes SQL by hand? (1)

malacandrian (2145016) | about 10 months ago | (#45155363)

Even PHP has database abstraction [php.net] these days.

Re:Who still writes SQL by hand? (1)

OdinOdin_ (266277) | about 10 months ago | (#45158315)

"these days"? What era was the date it did not have this? You mean the PHP ecosystem has opened its eyes to finally using some good methodology.

Re:Who still writes SQL by hand? (1)

Garridan (597129) | about 10 months ago | (#45156105)

Srsly. I type my SQL in through a keyboard. My handwriting and OCR do not play nicely together.

obligatory [smbc-comics.com]

First task (1)

Anonymous Coward | about 10 months ago | (#45154133)

First task: Bypass the SQLi Lab authentication and use the site without registration. :-)

Only way? (0)

Anonymous Coward | about 10 months ago | (#45154241)

The only way you can understand the true impact of vulnerabilities is by practicing exploitation

There's another way - getting repeatedly pwned really bad and having to clean up the resulting mess and eventually fixing the holes being exploited.

It's a trap! (1)

fldsofglry (2754803) | about 10 months ago | (#45154299)

It's a trap! Don't do it...this is a honeypot set up by government organizations to catch criminals and bring them up on hacking related charges! http://www.youtube.com/watch?v=piVnArp9ZE0 [youtube.com] -- Lord, I hope the sarcasm comes through.

Another slashvertisement (1)

dutchwhizzman (817898) | about 10 months ago | (#45158515)

You can get plenty of free SQLi trainings and labs at sites like enigmagroup and hackthissite. OWASP has good training VM images available as well. This is a commercial lab where you have to pay to take the class and get access to the labs.

Re:Another slashvertisement (0)

Anonymous Coward | about 10 months ago | (#45161911)

Totally agree. Too many free resources available, this is just a site with tons of "Enroll now" payment options, and nothing interesting without dropping $150.
