A Blind SQL injection is a type of SQL Injection attack that asks the database true or false questions and determines the answer based on the application response. This attack is often used when the web application is configured to show generic error messages, but has not mitigated the code that is vulnerable to SQL injection.
It is used when the application returns no database error message while SQL vulnerabilities are being probed. A developer-defined message is displayed instead of the error, so the SQL vulnerability is quite difficult to find in such cases.
A pen tester is trying to extract the database name by using blind SQL injection. He tests the database using the queries below and finally finds the database name.
http://juggyboy.com/page.aspx?id=1; IF (LEN(DB_NAME())=4) WAITFOR DELAY '00:00:10'--
http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()),1,1)))=97) WAITFOR DELAY '00:00:10'--
http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()),2,1)))=98) WAITFOR DELAY '00:00:10'--
http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()),3,1)))=99) WAITFOR DELAY '00:00:10'--
http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()),4,1)))=100) WAITFOR DELAY '00:00:10'--
What is the database name?
A. ABCD
B. EFGH
C. WXYZ
D. PQRS
Answer: A
Question 2:
What are placeholders (or markers) in an HTML document that the web server will dynamically replace with data just before sending the requested documents to a browser?
A. Slide Server Includes
B. Server Side Includes
C. Server Sort Includes
D. Sort Server Includes
Answer: B
Question 3:
In the example of a /etc/passwd file below, what does the bold letter string indicate?
nomad:HrLNrZ3VS3TF2:501:100: Simple Nomad:/home/nomad:/bin/bash
A. GECOS information
B. Maximum number of days the password is valid
C. Group number
D. User number
Answer: D
Question 4:
In which of the following IDS evasion techniques does the IDS reject packets that an end system accepts?
A. UDP evasion technique
B. IPS evasion technique
C. IDS evasion technique
D. TTL evasion technique
Answer: D
Question 5:
Which of the following attacks does a hacker perform in order to obtain UDDI information such as businessEntity, businessService, bindingTemplate, and tModel?
A. Web Services Footprinting Attack
B. URL Tampering Attacks
C. Service Level Configuration Attacks
D. Inside Attacks
Answer: A
Question 6:
Identify the injection attack represented in the diagram below:
A. XPath Injection Attack
B. XML Injection Attack
C. XML Request Attack
D. Frame Injection Attack
Answer: B
Harada -
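Being able to download the app version means I can study during my commute to school or work without carrying this heavy book around.
For sitting down and studying properly, the app really does make things easier to absorb, so I'm glad it's available.
It was helpful.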