So... in 45 minutes the room had gone from non-believers to realizing they not only had a massive SQL Injection problem - but had also been rooted and were now distributing the Zeus bot from one of their main websites.

I'm guessing he got in the door with this... :)