This is a real world demonstration of the SQL Injection attack used in the recent MOVEit hack. This is real world - not just a simple SQL attack.
Big thank you to Juniper Networks for supporting the community and making this training free (and sponsoring my channel). Go to https://juniper.net/davidbombal to get lots of training and also learn how to get certified for $50 (Associate Level). Use this voucher code to register for your courses: DAVIDBOMBAL

If you have issues with the Juniper registration, please use these links that they gave me:
For Login assistance link https://userregistration.juniper.net/loginassistance
Customer Support link- https://support.juniper.net/support/requesting-support/

// Mr Robot Playlist //
https://www.youtube.com/playlist?list=PLhfrWIlLOoKNYR8uvEXSAzDfKGAPIDB8q

// Proof of Concept //
Horizon3: https://www.horizon3.ai/moveit-transfer-cve-2023-34362-deep-dive-and-indicators-of-compromise/

// David's SOCIAL //
Discord: https://discord.com/invite/usKSyzb
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube: https://www.youtube.com/davidbombal

// Occupy The Web social //
Twitter: https://twitter.com/three_cube

// OTW Discount //
Use the code BOMBAL to get a 20% discount off anything from OTW's website: https://davidbombal.wiki/otw

// Occupy The Web books //
Linux Basics for Hackers: https://amzn.to/3JlAQXe
Getting Started Becoming a Master Hacker: https://amzn.to/3qCQbvh
Top Hacking Books you need to read: https://youtu.be/trPJaCGBbKU

// Other books //
The Linux Command Line: https://amzn.to/3ihGP3j
How Linux Works: https://amzn.to/3qeCHoY
The Car Hacker’s Handbook by Craig Smith: https://amzn.to/3pBESSM
Hacking Connected Cars by Alissa Knight: https://amzn.to/3dDUZN8

// MY STUFF //
https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: [email protected]

// MENU //
00:00 - Coming Up
00:55 - Juniper Free Training (Sponsored segment)
01:51 - OccupyTheWeb books and new books
03:57 - The MOVEit breach explained
05:20 - Clop website // Companies affected
08:52 - The two different vulnerabilities
10:26 - The truth about SQL Injection
12:21 - Using Shodan
14:05 - Proof of concept of the exploit
16:18 - SQL Injection example
20:35 - MOVEit hack analysis / How it was done
28:57 - CVE-2023-35708 SQL Injection vulnerability explained
30:36 - What is Taiwan Semi-Conductor (TSMC) and why they got hacked
31:01 - SQL Injection hack in the real world
32:45 - OccupyTheWeb online classes
33:46 - Union statement // Stacking queries demo
37:02 - Upcoming OccupyTheWeb courses and classes
39:50 - Conclusion

MOVEit
sql
sql injection
hack
hacking
hacker
pegasus
cybersecurity

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.

#hacking #cybersecurity #sql