Saturday, February 4, 2012

Introduction to SQL Injection & Blind SQL Injection

MySQL is one of the most famous database server used by many people in the world.  However, many administrator don't set the MySQL correctly and that will make the database can be Injected by a hacker.

SQL Injection is a hacking technique that utilize the low security settings or poorly designed database on a server. SQL Injection usually done by inserting a series of code to the url or  a form of a website. The vulnerability appear when the user input is not filtered correctly, so when the user insert a SQL character into a form, that code will be executed by the database server. To know where is a site is injectable or not, simply put ' character after the url of the site. If an error appear like "You have an error in your SQL syntax, bla bla bla..." then the site is 99% injectable.

Blind SQL Injection is the same as SQL Injection. So, whats the difference? In blind SQL Injection case, when we test the url by put ' char at the end, nothing will happened, the site will just still show the same web page as before. The site is actually vulnerable for a SQL Injection attacks but the site won't tell us that there's an error in its SQL syntax. To attack a webpage that have this kind of protection need more thought and time because a new statement must be crafted for each bit recovered.
In BackTrack there's already a tool to help us do this job called sqlmap. A powerfull database injection tools..   :)

"the quieter you become, the more you are able to hear.."


Post a Comment