Databases
Please note the knowledge domains and topics outlined here are for guidance only and subject to change.
Understands the difference between local SQL Server accounts and integrated auth, an the security implications of both
–
Can identify running databases using from the SQL browser service
–
Demonstrate ability to execute operating system commands without xp_cmdshell
Can recognise common database connection string formats, e.g. JDBC
–
Understands common connection and authentication methods used by web applications to connect to database servers
Understands and can demonstrate how access can be gained to such a database server through the use of default accounts credentials and insecure passwords
–
Understands and can demonstrate the remote exploitation of common no-SQL database servers, such as MongoDB
–
Can identify and extract useful information stored within a database (e.g. user account names and passwords, recovering passwords where possible)
Can identify and extract useful information stored within a database (e.g. user account names and passwords, recovering passwords where possible)
–
Understands and can demonstrate the remote exploitation of an Oracle database
–
Understands the security attributes of the Oracle TNS Listener service
–
Can demonstrate how the software version and patch status can be obtained from an Oracle database
–
Understands and can demonstrate how access can be gained to an Oracle database server through the use of default accounts credentials and insecure passwords
–
Following the compromise of an Oracle database server, can use stored procedures to execute system commands, escalate privileges, read/write from/to the file system, and/or gain further access to a host
Following the compromise of Microsoft SQL server, can use stored procedures to execute system commands, escalate privileges, read/write from/to the file system, and/or gain further access to a host
–
Can identify and extract useful information stored within a database (e.g. user account names and passwords, recovering passwords where possible)
–
Understands and can demonstrate how access can be gained to a Microsoft SQL server through the use of default accounts credentials and insecure passwords
–
Understands and can demonstrate the remote exploitation of Microsoft SQL Server