SecurityTubeBeta
Replaying with Blind SQL Injection (Shmoocon 2009)
In this talk, "Re-Playing with Blind SQL Injection", given by Chema at Shmoocon 2009, the speaker describes how attacks can be built that avoid the database's error handling altogether by looking for binary behaviour in the system's responses. He demonstrates SQL queries whose only possible outcomes are true or false, and uses those binary responses to identify the vulnerable parameter; he then shows how to exploit that parameter with different tools. He also demonstrates time-based SQL injection using heavy queries and a tool called Marathon, and explains how these queries and tools can be used to access all of the information stored in the database. He shows queries that chain conditions with the AND operator, combined with different time-delay techniques, so that if any one condition returns false the overall result is false. He then gives examples of the queries used against various SQL servers and how they can be exploited to reveal a significant amount of information about the database. The talk ends with a demo of the Marathon tool performing blind SQL injection with heavy queries and revealing the information it collects from the database in its log.
The PPT can be downloaded from here.
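As an added illustration (not part of the talk or the original page), the following Python snippet shows the binary behaviour the description refers to: a hypothetical handler that splices a parameter into its SQL text answers differently to a known-true and a known-false appended condition, while a parameterized handler does not. The table, names and prices are constructed for the demo.

```python
import sqlite3


def make_db():
    """Constructed in-memory table for the demo (not data from the talk)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (name TEXT, price INTEGER)")
    conn.executemany("INSERT INTO products VALUES (?, ?)",
                     [("widget", 10), ("gadget", 25)])
    return conn


def lookup_vulnerable(conn, name):
    """Hypothetical vulnerable handler: user input is spliced into the SQL
    text, so a condition appended with AND decides whether the row comes
    back. The response itself becomes a true/false oracle."""
    sql = f"SELECT price FROM products WHERE name = '{name}'"
    return [row[0] for row in conn.execute(sql)]


def lookup_parameterized(conn, name):
    """Hardened handler: the value is bound as a parameter, so the whole
    string is compared against the name column and never parsed as SQL."""
    sql = "SELECT price FROM products WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (name,))]


def has_boolean_oracle(conn, lookup):
    """True when a known-true and a known-false AND-condition yield different
    responses, i.e. the binary behaviour the talk searches for. The same
    check works as a regression test for a handler after it is fixed."""
    base = "widget"
    truthy = lookup(conn, base + "' AND '1'='1")   # AND with a true condition
    falsy = lookup(conn, base + "' AND '1'='2")    # AND with a false condition
    return truthy != falsy
```

Run `has_boolean_oracle(make_db(), lookup_vulnerable)` to see the oracle (True) and the same call with `lookup_parameterized` to see it disappear (False).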
Author
Prateek Gianchandani, 20, is a student dedicated to the field of network security. He has organized a number of workshops and hacking events at his college. Learning more and more about network security always keeps him busy. His favourite pastimes include listening to music, reading novels and playing snooker. He is currently doing a B.Tech in electrical engineering at the prestigious Indian Institute of Technology, Roorkee. You can contact him at prateek_gian [-at*] yahoo.co..in