Program Details
A public web server is hit with a SQL Injection attack.
In this scenario, the system attacks a known public web server using SQL injection. During the attack, the attacker enables the internally-stored SQL procedure xp cmdshell, which is later used to extract all of the users’ computer names and emails from the active directory (AD) using PowerShell scripts, and to stop the internal server’s services using the remote Service Control Manager. The attack is performed repeatedly until the trainees stop the attack.
Stock number:
0874365
Price:
$500.00