Archive of Gathering Information
-
Find Table Names for SQL Injection
Posted in Gathering Information
Extracting table names to achieve SQL injection. Before building a query to extract sensitive information, the attacker must know what data he wants to extract and where it is stored in the database. This article explains how to show table names. To simplify learning, we suppose that...
-
Find Column Names for SQL Injection
Posted in Gathering Information
Extracting column names for a given table. Once the attacker knows the table names, he needs to find out what the column names are in order to extract information. This article explains how this information can be found using metadata...
-
SQL Injection Using UNION
Posted in SQL Injection Techniques
Understanding how to create a valid UNION-based attack to extract information. UNION-based attacks allow the tester to easily extract information from the database. Because the UNION operator can only be used if both queries have the exact same structure, the attacker must craft a SELECT statement...
-
SQL Injection Login Bypass
Posted in SQL Injection Techniques
Understanding SQL injection attacks against login forms. Login bypass is without a doubt one of the most popular SQL injection techniques. This article presents different ways an attacker can defeat a login form. Principles detailed here are simple but strongly related to
-
Determining Query Structure
Posted in SQL Injection Test
Understanding how to craft a malicious SQL segment. One of the main tasks of a penetration tester is to figure out the original query structure. This precious piece of information will allow him to take control over the main query with a specially crafted SQL segment...
-
SQL Injection Detection
Posted in SQL Injection Test
Detect potential SQL injection vulnerabilities. The first step towards achieving a successful SQL injection attack is to detect vulnerabilities. Of course, some tools can automate the process, but it’s better to understand how detection can be done manually. In addition, there are some situations where...
-
Identify Data Entries for SQL Injection Attacks
Posted in SQL Injection Test
Where SQL injection vulnerabilities could be found. First and foremost, the tester will need to identify data entries before attempting an attack. Despite the fact that SQL injection is among today's most popular security issues, not all fields are necessarily vulnerable. For this reason, you must be...
-
SQL Injection and String Parameters
Posted in SQL Injection Basics
How to perform SQL injection in text fields. The only difference between numeric parameters and string parameters is that the latter are enclosed between quotes. From an attacker's perspective, it simply means that the injected SQL segment must be crafted in...
-
SQL Injection Attacks and Numeric Parameters
Posted in SQL Injection Basics
Understanding numeric SQL injection. Attacks against numeric parameters are the simplest way to achieve a SQL injection. This kind of vulnerability is also widespread, since developers often consider that numeric parameters are safe when in most cases they are not. Let's now see...
-
Stacked Queries
Posted in SQL Injection Techniques
Execute multiple statements in the same query to extend the possibilities of SQL injections. Stacked queries provide a lot of control to the attacker. By terminating the original query and adding a new one, it is possible to modify data and call stored procedures. This technique is widely used in SQL injection attacks...