Ethical Hacking and Penetration Testing Guide



Date: 07.08.2023

Blind SQL Injection
A blind SQL injection is one where an attacker extracts data by asking the database “true or 
false” questions or by inducing a time delay. This is a common scenario when 
the administrator has configured the application to stop showing errors. Next, let’s talk about the 
two types of blind SQL injection techniques mentioned earlier.
Boolean-Based SQLi
In a Boolean-based SQL injection attack, we simply ask the database questions in the form 
of “true or false” statements. A true statement returns a different result than a false statement, so 
based on this difference, we are able to enumerate and extract information present in the database. A true 
statement means that the information we are asking for is present inside the database; a false 
statement means it is not present. To generate a true or false statement, we can use the AND/OR 
statement and inspect the response that the website returns.
Let me take you back to the example that I used to demonstrate the UNION-based SQL injection 
attack. Let’s start by injecting a true statement, AND 1=1, and look at the response.
True Statement
Syntax
http://localhost/index.php?support=yes' AND 1=1--+ [True Statement]


As we can see, the page returned correctly when we injected a true statement. Let’s now 
inject a false statement, “AND 1=2”, and inspect the response.
False Statement
Syntax
http://localhost/index.php?support=yes' AND 1=2--+ [False Statement]
We can clearly see now that the response returned for a true statement is different from the one 
returned after injecting a false statement. Because the two responses are distinct, 
we can conclude that there is a good chance that the application is vulnerable 
to blind SQL injection.
You can follow the chart while testing for blind SQL injection. The key here is the distinction 
between a true and a false statement.
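
The true/false distinction above exists only when the parameter is concatenated into the SQL text. The following added example (not code from the book) reproduces it against an in-memory SQLite database and shows that a parameterized query removes the difference. The table, column and function names are assumptions, and SQLite stands in for whatever database sits behind index.php.

```python
import sqlite3
from urllib.parse import unquote_plus

def make_db():
    # Constructed sample data standing in for the application's table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE tickets (id INTEGER, support TEXT, title TEXT)")
    db.executemany("INSERT INTO tickets VALUES (?, ?, ?)",
                   [(1, "yes", "Printer offline"), (2, "no", "Password reset")])
    return db

def vulnerable_page(db, support):
    # Flaw: the parameter is concatenated into the SQL text, so a quote in it
    # closes the string literal and the remainder is parsed as SQL.
    sql = "SELECT title FROM tickets WHERE support = '" + support + "'"
    return [row[0] for row in db.execute(sql)]

def hardened_page(db, support):
    # Fix: bound parameter; the whole value is only ever compared as data.
    sql = "SELECT title FROM tickets WHERE support = ?"
    return [row[0] for row in db.execute(sql, (support,))]

def differs(page, db, true_value, false_value):
    # The signal described in the text: does a true condition produce a
    # different page than a false one?
    return page(db, true_value) != page(db, false_value)

# The two parameter values from the text, URL-decoded ("+" becomes a space).
TRUE_VALUE = unquote_plus("yes' AND 1=1--+")
FALSE_VALUE = unquote_plus("yes' AND 1=2--+")

if __name__ == "__main__":
    db = make_db()
    for name, page in (("vulnerable", vulnerable_page),
                       ("hardened", hardened_page)):
        print(name, page(db, TRUE_VALUE), page(db, FALSE_VALUE),
              "distinguishable:", differs(page, db, TRUE_VALUE, FALSE_VALUE))
```

The `differs` check can be kept as a regression test: once a query is parameterized, it must return False for this pair of inputs.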
