Speakers: Wendel G. Henrique and Steve Ocepek, Trustwave
In a world of free, ever-present encryption libraries, many penetration testers still find a lot of great stuff on the wire. Database traffic is a common favorite, and with good reason: when the data includes PAN, Track, and CVV, it makes you stop and wonder why this stuff isn't encrypted across the board. However, despite this weakness, we still need someone to issue queries before we see the data. Or maybe not... after all, it's just plaintext.
Wendel G. Henrique and Steve Ocepek of Trustwave's SpiderLabs division offer a closer look at the world's most popular relational database: Oracle. Through a combination of downgrade attacks and session take-over exploits, this talk introduces a unique approach to database account hijacking. Using a new tool, thicknet, the team will demonstrate how deadly injection and downgrade attacks can be to database security.
The Oracle TNS/Net8 protocol was studied extensively during presentation for this talk. Very little public knowledge of this protocol exists today, and much of the data gained is, as far as we know, new to Oracle outsiders.
Also, during the presentation we will be offering to attendants:
- Knowledge about man-in-the-middle and downgrade attacks, especially the area of data injection.
- A better understanding of the network protocol used by Oracle.
- The ability to audit databases against this type of attack vector.
I- deas for how to prevent this type of attack, and an understanding of the value of encryption and digital signature technologies.
- Understanding of methodologies used to reverse-engineer undocumented protocols.
For more information click here (http://bit.ly/aeSvg2)