Inference
Some SQL injection vulnerabilities cannot be detected by direct observation of errors. These vulnerabilities require an inference-based methodology that compares how the site responds to a collection of specially crafted requests. This technique is also referred to as blind SQL injection.
An inference-based approach attempts to modify a query so that it will produce a binary response, such as forcing a query to become true or false, return one record or all records, or respond immediately or respond after a delay. This requires at least two requests to determine the presence of a vulnerability. For example, an attack to test true and false in a query might use OR 17=17 to represent always true and OR 17=37 to represent false. The ...
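The true/false comparison described above can be turned into a regression check for your own code. The following is an added example, not taken from the book: it runs the 17=17 and 17=37 pair against a string-concatenated query and against a bound-parameter query in an in-memory SQLite database. The products table, its rows, and the function names are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data: three rows in a throwaway in-memory database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO products VALUES (?, ?)",
                   [(1, "kettle"), (2, "toaster"), (3, "blender")])
    return db

def lookup_concat(db, item_id):
    # Vulnerable form: the request value becomes part of the SQL text,
    # so a condition appended to it is evaluated by the database.
    sql = "SELECT name FROM products WHERE id = " + item_id
    return db.execute(sql).fetchall()

def lookup_bound(db, item_id):
    # Hardened form: the value must parse as an integer and is then bound
    # as data, so it can never change the structure of the query.
    try:
        value = int(item_id)
    except ValueError:
        return []
    return db.execute("SELECT name FROM products WHERE id = ?",
                      (value,)).fetchall()

def responses_differ(handler, db, base="0"):
    # The two requests from the text: one condition that is always true,
    # one that is always false. No error is ever shown; the only signal is
    # whether the two responses differ (here, all records versus none).
    true_rows = handler(db, base + " OR 17=17")
    false_rows = handler(db, base + " OR 17=37")
    return len(true_rows) != len(false_rows)

if __name__ == "__main__":
    db = make_db()
    for handler in (lookup_concat, lookup_bound):
        verdict = "injectable" if responses_differ(handler, db) else "not injectable"
        print(handler.__name__, "->", verdict)
```

A handler whose response changes between the two requests is evaluating request data as SQL; the bound-parameter version returns the same empty result for both while still answering a legitimate id such as "2".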