SELECT code_execution FROM * USING SQLite: Eggheads lift the lid on DB security hi-jinks

10 August 2019

DEF CON At the DEF CON hacking conference in Las Vegas on Saturday, infosec gurus from Check Point are scheduled to describe a technique for exploiting SQLite, a database used in applications across every major desktop and mobile operating system, to gain arbitrary code execution. In a technical summary provided to The Register ahead of their presentation, Check Point’s Omer Gull sets out how he and his colleague Omri Herscovici developed techniques referred to as Query Hijacking and Query Oriented Programming, in order to execute malicious code on a system.

Read full article on The Register

Date:

10 August 2019

Categorie(s):

NEWS

Tag(s):

Databases, Open Source, Open Source Databases, Open Source Software, SQLite

US Voters Urged to Use Official Sources for Election Information5 November 2024
Tor and Tails Team Up for Better Online Privacy Protections5 November 2024
Beware of phishing emails delivering backdoored Linux VMs!5 November 2024
Lumifi acquires Critical Insight to boost incident response capabilities5 November 2024
Hackers Deploy CRON#TRAP for Persistent Linux System Backdoors5 November 2024