Yes, that's one way to extract data by (ab)using a blind SQL injection vulnerability.
If you look at sqlmap [1], they offer two techniques for blind SQL injection: boolean-based and time-based. Boolean-based should be used when the app just returns an error page (or not) based on your SQL injection. The time-based approach should be used when no error page appears but the SQL is still executed.
But when I look at sqlmap docs for the time-based approach [2] I think I got the initial explanation wrong. It will do a 5 second delay if a certain condition is met, e.g. "Is the first character of the value a 'T'? If yes, wait 5 seconds; if not, return immediately". And then send hundreds of requests in parallel to iterate over all positions & possible characters.
[1] https://github.com/sqlmapproject/sqlmap/wiki/Usage#sql-injec...
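
The time-based behaviour described in the comment above leaves a recognisable trace in web logs: one client sends many requests carrying a database delay call, and the response times split into "about the delay" and "immediate". The following detector is an added example, not part of the comment or of sqlmap; the log format (client, request target, response seconds), the thresholds and the `COND_n` placeholders in the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus, urlsplit

# Delay primitives of MySQL, PostgreSQL and SQL Server that timing probes rely on.
DELAY_RE = re.compile(r"\b(?:sleep|benchmark|pg_sleep)\s*\(|\bwaitfor\s+delay\b", re.I)

# Constructed sample log (assumed format): client, request target, response seconds.
# COND_n stands in for the per-request condition; it is a placeholder, not real SQL.
SAMPLE_LOG = """\
10.0.0.7 /item?id=1+AND+IF(COND_1,SLEEP(5),0) 5.04
10.0.0.7 /item?id=1+AND+IF(COND_2,SLEEP(5),0) 0.03
10.0.0.7 /item?id=1+AND+IF(COND_3,SLEEP(5),0) 0.02
10.0.0.7 /item?id=1%20AND%20IF(COND_4,SLEEP%285%29,0) 5.02
10.0.0.9 /item?id=42 0.03
10.0.0.9 /search?q=how+to+sleep+better 0.05
10.0.0.9 /report?year=2023 6.10
"""

def find_timing_probes(log_text, delay_s=5.0, min_hits=3):
    """Return {(client, path): (slow, fast)} for sources that look like a timing oracle."""
    stats = defaultdict(lambda: [0, 0])  # [slow responses, fast responses]
    for line in log_text.splitlines():
        client, target, seconds = line.split()
        url = urlsplit(target)
        # Decode first so percent-encoded parentheses and spaces cannot hide the call.
        if not DELAY_RE.search(unquote_plus(url.query)):
            continue
        slow = float(seconds) >= delay_s * 0.9
        stats[(client, url.path)][0 if slow else 1] += 1
    # A working oracle shows both outcomes: delayed (condition true) and immediate
    # (condition false). A slow page without a delay call in the query is ignored.
    return {key: tuple(v) for key, v in stats.items()
            if sum(v) >= min_hits and v[0] and v[1]}

if __name__ == "__main__":
    for (client, path), (slow, fast) in find_timing_probes(SAMPLE_LOG).items():
        print(f"{client} {path}: {slow} delayed / {fast} immediate responses")
```

Requests flagged this way point at a parameter that reaches the database unparameterized, which is the thing to fix; the log rule only tells you where to look.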