Free THA Webinar – Turning SQL Injections into Remote Shells
January 28, 2011
The next THA free webinar is right around the corner! Jeremy Conway will be giving a live demonstration on Turning SQL Injections into Remote Shells.
If you missed the last webinar, you can watch the recording here; Mike Murray spoke about Becoming a Professional Penetration Tester.
Here is a brief description of what will be covered: Jeremy will be giving a a live demonstration of how Web Application SQL Injection Vulnerabilities can be exploited to gain full remote access into a Microsoft SQL database server. This demonstration will include all of the basic steps for performing this attack such as fingerprinting, privilege escalation, defeating DEP protections, remotely enabling xp_cmdshell, and IDS/IPS evasion techniques.
When: Tuesday, February 8th, 2011
Time: 2PM EST
Length: 1 Hour
Where: Online
Cost: Free
To join us for this 1 hour free webinar, Click Here!
Note: if you’ve previously signed up for our webinars, there is no need to sign up again – you will have already received an invite via email.
2 new modules under our Ethical Hacking content
January 5, 2011
We just put up 2 new modules under the Ethical Hacking section for our members to take in; both by Dan Frye.
The first, under Network Penetration, is a module on Using Nessus:
“In this module of The Hacker Academy you will learn a good deal about network penetration testing. As we know network pen testing can be done as either a “black box” or “white box” exercise, in either case the process is much the same although the level of access given to us is different. This module will teach you how to analyze for any potential vulnerabilities that could result from poor or improper system configuration, both known and unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This module will go in depth on different network penetration testing tools, methodologies and fundamentals needed in order to perform a network penetration test.”
Second, under Programming and Reverse Engineering, is a module on Coding Meterpreter Scripts with Ruby:
“Dovetailing off the Hacker Academy module Coding in Ruby, this module exposes students to the underlying structure of how Meterpreter scripts are built. The module goes into what Metasploit API’s are available, how they are used to create new Meterpreter scripts, and gives students the opportunity to create their own Meterpreter scripts for use in their own pentesting engagements.”
If you’re interested in becoming a member, hop by our membership page for more info.
Cheers,
The Hacker Academy Team
