Tag Archives: SQL

The 20-minute simple SQL rootkit

As Microsoft SQL Server has progressed, the security features and facilities have greatly matured. Unfortunately, the functionality of the service has also gone to great lengths to facilitate the programmability of the service by administrators and operators. This talk demonstrates how to use the latest version of SQL server and the default functionality of both SQL and Windows, to create, install, and hide a SQL service rootkit – all in 20 minutes.

Career pen-tester with a talent for breaking SQL – still hates being called, “The SQL guy.”