22-25 April 2026
SQLBits 2026

Your MSSQL environment is vulnerable and I can prove it

SQL Server environments are often assumed to be secure by default. This session challenges that belief by demonstrating how a low-privileged login can be leveraged to compromise an entire MSSQL environment. Using real-world scenarios, I’ll show how design flaws and overlooked features enable privilege escalation, data exposure, and full administrative control, and how to prevent it.
SQL Server environments are often assumed to be secure by default. This session challenges that assumption. Starting from a low-privileged SQL login, I will demonstrate how design decisions, legacy features, and overlooked behaviors inside the MSSQL engine can be combined to achieve full instance compromise.
The presentation walks through real-world attack paths observed across on-premises and cloud-hosted SQL Server deployments, showing how privilege boundaries can be bypassed, sensitive data exposed, and administrative control obtained without exploiting traditional memory corruption bugs.
Beyond the offensive techniques, the focus is on why these issues exist and how they persist in production systems. Attendees will learn how to assess their own environments, recognize high-risk configurations, and apply practical defensive controls to reduce attack surface and prevent privilege escalation before an attacker proves it for them.