Using SQLite Vulnerabilities to Exploit a Password Stealer

Channel:
United States Check Point Software
Subscribers:
79,900
Published on ● Video Link: https://www.youtube.com/watch?v=cPfYoxLOi1M


Duration: 1:26
7,560 views
47

Check Point Research recently discovered an innovative method of exploiting SQLite bugs. For more information visit https://research.checkpoint.com/research.checkpoint.com/select-code_execution-from-using-sqlite
Recent research in hacking discovered that simply querying a database may not be as safe as you expect. Using our innovative techniques of Query Hijacking and Query Oriented Programming, we proved that memory corruption issues in SQLite can now be reliably exploited. As our permissions hierarchies become more segmented than ever, it is clear that we must rethink the boundaries of trusted and untrusted SQL input. To demonstrate these concepts, in this video we achieved remote code execution on a password stealer back-end running PHP7.



Other Videos By Check Point Software


2019-08-30Gimv Secures Critical Investment Data With Check Point CloudGuard SaaS
2019-08-29PGNiG TERMIKA Strengthens Security with Check Point to Protect Energy Supplies
2019-08-28The University of Bergamo Secures Network with Check Point Gateway Security Solutions
2019-08-28Pérez-Llorca Protects Corporate Reputation with Check Point Security Solutions
2019-08-22The 7 Principles of Absolute Zero Trust Security With Check Point Infinity
2019-08-16Top U.S. Telecom Provider Secures Network with Check Point Next Generation Firewalls
2019-08-13A Holistic Approach to Cyber Security Effectiveness | Check Point's CheckMates Nuggets
2019-08-12CPX 360 2020 - Premier Cyber Security Summit & Expo
2019-08-12CPX 360 2020 - Early Bird Savings Now Available for the Premier Cyber Security Summit & Expo
2019-08-11Ransomware on a DSLR Camera | Latest Research from Check Point
2019-08-10Using SQLite Vulnerabilities to Exploit a Password Stealer
2019-08-07Check Point’s Oded Vanunu Demonstrates Cyber Security Vulnerabilities in WhatsApp
2019-08-07Remote Desktop Protocol Vulnerability Demo – Paste-Only Attack On Hyper-V Windows RDP
2019-08-06Empowering Cloud Security for the Channel
2019-08-05EA Games Vulnerability Leads to Account Breach & Identity Theft
2019-07-26You Asked, Check Point CEO Gil Shwed Answers!
2019-06-12Partner Webinar | New Way to Engage with Customers
2019-06-05Understanding Malware DNA – The Classification of Malware Families
2019-06-05New Cyber Security Vulnerabilities found on a Major IPTV Platform
2019-05-28Check Point SandBlast Agent Protects Against BlueKeep Vulnerability
2019-05-20Check Point Threat Extraction for Web Technology


Tags:
SQLite
Check Point Research