---------------------------------------------------------------------------------------------------
Inband: Retrieve the results of the SQL Injection in the same input (e.g. in the browser). Data can be display in the normal output or in an error message.
Most common techniques for Inband are
* UNION based attacks
* Error Based
Now we must find out how many columns are used in the first SELECT statement. The most common techniques are the usage of ORDER BY or adding NULL values to the second query.
SELECT * FROM table
UNION
SELECT null,null FROM table
SELECT * FROM table ORDER BY 8
Out-of-Band: A different channel (e.g. HTTP, DNS) is used to transfer the data from the SQL query. If this is working it is the easiest way to retrieve a large amount of data from the database
Blind: Different timings / results are used to retrieve data from the database.
Oracle offers 2 possibilities to run blind injection. • DECODE • CASE
--------
No comments:
Post a Comment