Description: In this talk, titled "Re-Playing with Blind SQL Injection" and given by Chema at Shmoocon 2009, the speaker explains how attacks can be built that avoid relying on database error processing, by looking for binary behaviour in the system's responses. He demonstrates SQL queries whose only possible responses are true or false, uses those binary responses to find the vulnerable parameter, and then demonstrates how to exploit that parameter using different tools. He also demonstrates time-based SQL injection using heavy queries and a tool known as Marathon, and explains how these queries and tools can be used to access all the information stored in the database. He demonstrates different queries joined with the AND operator that use different time-delay techniques; because the conditions are combined with AND, if any query returns false the net result is false. He then gives examples of the queries used on various SQL servers and how they can be exploited to reveal a significant amount of information about the database. The talk ends with a demo of the Marathon tool performing blind SQL injection with heavy queries and showing, in its log, the information it collects from the database.
The PPT can be downloaded from here.
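The true/false behaviour described above, seen from the defending side, as an added example that is not code from the talk or from the Marathon tool: a concatenated query answers an appended AND condition with two distinguishable responses, while a validated, bound parameter does not. The table, sample rows and function names are assumptions constructed for this illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data for this illustration.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO news VALUES (?, ?)",
                   [(1, "Release notes"), (2, "Maintenance window")])
    return db

def lookup_concatenated(db, news_id):
    # Weak form: the parameter text is pasted into the SQL statement,
    # so anything after the number is parsed as part of the WHERE clause.
    try:
        return db.execute("SELECT title FROM news WHERE id = " + news_id).fetchall()
    except sqlite3.Error:
        return []  # errors suppressed, as on a page that shows no DB errors

def lookup_bound(db, news_id):
    # Hardened form: accept only an integer, then bind it as data.
    try:
        value = int(news_id)
    except ValueError:
        return []
    return db.execute("SELECT title FROM news WHERE id = ?", (value,)).fetchall()

def has_binary_behaviour(lookup, db, base="1"):
    # Regression check: does an appended always-true condition give the
    # normal page while an always-false one gives a different page?
    normal = lookup(db, base)
    when_true = lookup(db, base + " AND 1=1")
    when_false = lookup(db, base + " AND 1=2")
    return when_true == normal and when_false != normal

if __name__ == "__main__":
    db = make_db()
    for fn in (lookup_concatenated, lookup_bound):
        print(fn.__name__, "binary behaviour:", has_binary_behaviour(fn, db))
```

A check like `has_binary_behaviour` can run in a test suite against each request handler, so a parameter that starts answering conditions is caught before release.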
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.