I pwnd your system, but I won't bill you for that.

Independent contracting isn’t easy. Managing your own schedule can be difficult, let alone managing client expectations.

This is a story of how I was hired to do a short job, and promised better functionality. But instead I discovered, proved, and fixed a glaring MySQL injection exploit.

This talk will mostly be a kind of parable about working with clients as a contractor or consultant. I will be prepared with all the technical details of the SQL injection and talk about my trial and error fumbling around while proving the issue.

This talk will probably be at least 60% anecdotal experience from independent contracting, and about 40% technicals, security, and exploitation (if the audience seems into it).
Beginner : security consulting SQL