Thilan Dissanayaka Application Security Apr 26

Time based Blind SQL Injection

Blind SQL Injection happens when:

There is a SQL injection vulnerability,

BUT the application does not show any SQL errors or query outputs directly.

In this case, an attacker has to ask questions to the database and observe how the server behaves to extract information bit by bit.

There are two main types:

Boolean-based blind SQLi (based on true/false responses)

Time-based blind SQLi (based on delay in server response)

When the server behaves the same way for both True and False, we use Time delays to detect it!

Example:

Inject:

bash Copy Edit http://victim.com/product.php?id=5' AND IF(1=1, SLEEP(5), 0) -- If the server pauses for 5 seconds, 1=1 condition is true.

Inject:

bash Copy Edit http://victim.com/product.php?id=5' AND IF(1=2, SLEEP(5), 0) -- If no delay, then 1=2 condition is false.

Thus, based on the response time, we infer the truth of the injected statement.

Similarly, we can extract one character at a time by checking:

sql Copy Edit IF(SUBSTRING(database(),1,1)='a', SLEEP(5), 0)

ALSO READ
SSRF - Server Side Request Forgery
May 27 Application Security

Server-Side Request Forgery (SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's....

Ballerina connector for Hubspot Schema API
Mar 23 WSO2

Hi all, It's a new article on something cool. Here we are going to see how we can use the Hubspot schema connector with Ballerina. When it comes to building connectors for seamless integration....

Error based SQL Injection
Apr 26 Application Security

In the previous example, we saw how a classic [SQL Injection Login Bypass](https://hacksland.net/sql-injection-login-bypass) works. SQL Injection is not all about that. The real fun is we can extract....

Build A Simple Web shell
Mar 23 Application Security

A web shell is a type of code that hackers use to gain control over a web server. It is particularly useful for post-exploitation attacks, and there are various types of web shells available. Some of....

Common Web Application Technologies
Feb 11 Application Security

# JWT - JSON Web Tokens JWT is short for JSON Web Token. It is a compact and secure way to send information between two parties – like a client (browser) and a server. We usually use JWTs....

Singleton Pattern explained simply
Apr 26 Software Architecture

Ever needed just one instance of a class in your application? Maybe a logger, a database connection, or a configuration manager? This is where the Singleton Pattern comes in — one of the simplest....