SQL Injection - Blind - Boolean-Based


This is a blind, Boolean-based injection, which is really difficult to enumerate. Still, let's try.
The single quote is being detected by the server, so this is not going to work; we have to add something else.
The above syntax didn't give us any error because Boolean-based SQL injection is an inferential SQL injection technique that relies on sending an SQL query to the database which forces the application to return a different result depending on whether the query returns a TRUE or FALSE result.
' or 1=0 order by 1-- #
To check the number of columns, we can repeat the above syntax with a higher order by number each time until it gives us an incorrect syntax error.
At order by 8 it gave us an error, which means the query has 7 columns.
Depending on the result, the content within the HTTP response will change, or remain the same. This allows an attacker to infer if the payload used returned true or false, even though no data from the database is returned. This attack is typically slow (especially on large databases) since an attacker would need to enumerate a database, character by character.
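The TRUE/FALSE response difference and the order by column count described above, reproduced against a local in-memory SQLite table next to the parameterized fix. This is an added example, not code from the original post; the movies table, its column names, the probe strings and the function names are assumptions, and SQLite stands in for the target's database.

```python
import sqlite3

# Constructed probe strings: a TRUE/FALSE pair plus the ORDER BY column count.
PROBES = {
    "true":       "x' OR 1=1-- #",
    "false":      "x' OR 1=0-- #",
    "order_by_7": "x' OR 1=0 ORDER BY 7-- #",
    "order_by_8": "x' OR 1=0 ORDER BY 8-- #",
}

def make_db():
    # Constructed sample table with 7 columns, the count found on the page.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE movies (id, title, release_year, genre, "
               "main_char, score, stock)")
    db.execute("INSERT INTO movies VALUES "
               "(1, 'Sample Movie', 2008, 'action', 'A. Lead', 7.5, 10)")
    return db

def search_vulnerable(db, title):
    # Input is concatenated into the SQL text, so a quote in `title` rewrites the query.
    sql = "SELECT * FROM movies WHERE title = '" + title + "'"
    try:
        return "exists" if db.execute(sql).fetchone() else "not found"
    except sqlite3.Error:
        return "error"  # e.g. an ORDER BY index beyond the column count

def search_hardened(db, title):
    # The placeholder binds `title` as data; it is only compared with the column value.
    sql = "SELECT * FROM movies WHERE title = ?"
    return "exists" if db.execute(sql, (title,)).fetchone() else "not found"

def responses(search):
    # Run every probe through one search function and collect what the page would show.
    db = make_db()
    return {name: search(db, value) for name, value in PROBES.items()}

if __name__ == "__main__":
    for fn in (search_vulnerable, search_hardened):
        print(fn.__name__, responses(fn))
```

With the concatenated query the four probes produce three distinguishable responses; with the bound parameter they all produce the same one, so there is nothing left to infer from.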

~ Hack the World and Stay Noob
