Questions about this topic? Sign up to ask in the talk tab.

SQL injection/Blind/Extraction

From NetSec
Revision as of 19:02, 20 November 2012 by LashawnSeccombe (Talk | contribs) (Blind extraction)

Jump to: navigation, search

Blind extraction

There are two types of blind SQL extraction attacks:

  • Partial-blind: Pre-computation based
  • Full-blind: Timing based


The only things that these methods have in common is:

  • These attacks are all limited in some fashion because of environment and latency or dataset, respectively.
  • Successful exploitation requires automation programming.