
Blind SQL Injection

Blind SQL (Structured Query Language) injection is a type of SQL injection attack that asks the database true or false questions and determines the answer from the application's response. It is often used when the web application is configured to show only generic error messages but the code that is vulnerable to SQL injection has not been fixed.

When an attacker exploits SQL injection, the web application sometimes displays error messages from the database complaining that the SQL query's syntax is incorrect. Blind SQL injection is almost identical to normal SQL injection; the only difference is the way the data is retrieved from the database. When the database does not output data to the web page, an attacker is forced to steal data by asking the database a series of true or false questions. This makes the SQL injection vulnerability more difficult to exploit, but not impossible.


Example URL:

http://example.com/items.php?id=2

Sends the following query to the database:

SELECT title, description, body FROM items WHERE ID = 2

The attacker may then try to inject a query that returns 'false':

http://example.com/items.php?id=2 and 1=2

Now the SQL query should look like this:

SELECT title, description, body FROM items WHERE ID = 2 and 1=2

If the web application is vulnerable to SQL Injection, then it probably will not return anything. To make sure, the attacker will inject a query that will return 'true':

http://example.com/items.php?id=2 and 1=1
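
The two requests above, replayed against a constructed in-memory SQLite table, next to a hardened version of the same lookup. This is an added example, not code from the original page: the function names, the sample row, and the use of Python with sqlite3 in place of items.php are assumptions.

```python
import re
import sqlite3

ROW = ("Sample title", "Sample description", "Sample body")  # constructed data

def make_db():
    """Build an in-memory stand-in for the page's items table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (ID INTEGER PRIMARY KEY, title TEXT, "
               "description TEXT, body TEXT)")
    db.execute("INSERT INTO items VALUES (2, ?, ?, ?)", ROW)
    return db

def get_item_vulnerable(db, item_id):
    # Vulnerable: the raw id parameter becomes part of the SQL text, so
    # "2 and 1=2" is parsed as an extra condition in the WHERE clause.
    sql = "SELECT title, description, body FROM items WHERE ID = " + item_id
    return db.execute(sql).fetchall()

def get_item_safe(db, item_id):
    # Hardened: accept only a short run of ASCII digits, then bind the value
    # as a parameter so it can never change the structure of the query.
    if not re.fullmatch(r"[0-9]{1,18}", item_id):
        return []
    sql = "SELECT title, description, body FROM items WHERE ID = ?"
    return db.execute(sql, (int(item_id),)).fetchall()

def probes_distinguishable(lookup, db):
    """True if the page's 'true' and 'false' requests get different results,
    meaning the lookup answers one yes/no question per request."""
    return lookup(db, "2 and 1=1") != lookup(db, "2 and 1=2")

if __name__ == "__main__":
    db = make_db()
    for name, fn in (("vulnerable", get_item_vulnerable),
                     ("safe", get_item_safe)):
        print(name, "id=2 ->", fn(db, "2"))
        print(name, "probes distinguishable:", probes_distinguishable(fn, db))
```

The same pair of requests makes a regression check: once the lookup binds its parameter, both must produce an identical response.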
