Questions about this topic? Sign up to ask in the talk tab.
Difference between revisions of "SQL injection/Blind/Extraction"
From NetSec
(→Blind extraction) |
|||
| (5 intermediate revisions by one other user not shown) | |||
| Line 1: | Line 1: | ||
| − | == Blind extraction == | + | === Blind extraction === |
| − | '''There are | + | '''There are two types of blind SQL extraction attacks:''' |
| − | * | + | * Partial-blind: [[comparative precomputation|Pre-computation based]] (Tool: [[mysqli-blindutils]] > [[sqli-hap.py]]) |
| − | * | + | * Full-blind: [[timing based extraction|Timing based]] |
| − | '''The only things that | + | |
| + | '''The only things that these methods have in common is:''' | ||
* <u>These attacks</u> are all limited in some fashion because of environment and latency or dataset, respectively. | * <u>These attacks</u> are all limited in some fashion because of environment and latency or dataset, respectively. | ||
| − | * <u> | + | * <u>Successful exploitation</u> requires automation [[programming]]. |
Latest revision as of 04:01, 21 November 2012
Blind extraction
There are two types of blind SQL extraction attacks:
- Partial-blind: Pre-computation based (Tool: mysqli-blindutils > sqli-hap.py)
- Full-blind: Timing based
The only things that these methods have in common is:
- These attacks are all limited in some fashion because of environment and latency or dataset, respectively.
- Successful exploitation requires automation programming.
