Thilan Dissanayaka Application Security Apr 26

Time based Blind SQL Injection

Blind SQL Injection happens when:

There is a SQL injection vulnerability,

BUT the application does not show any SQL errors or query outputs directly.

In this case, an attacker has to ask questions to the database and observe how the server behaves to extract information bit by bit.

There are two main types:

Boolean-based blind SQLi (based on true/false responses)

Time-based blind SQLi (based on delay in server response)

When the server behaves the same way for both True and False, we use Time delays to detect it!

Example:

Inject:

bash Copy Edit http://victim.com/product.php?id=5' AND IF(1=1, SLEEP(5), 0) -- If the server pauses for 5 seconds, 1=1 condition is true.

Inject:

bash Copy Edit http://victim.com/product.php?id=5' AND IF(1=2, SLEEP(5), 0) -- If no delay, then 1=2 condition is false.

Thus, based on the response time, we infer the truth of the injected statement.

Similarly, we can extract one character at a time by checking:

sql Copy Edit IF(SUBSTRING(database(),1,1)='a', SLEEP(5), 0)

ALSO READ
GraphQL - Interview preparation guide
Oct 01 Interview Guides

## What is GraphQL? GraphQL is a query language for APIs and a runtime for executing those queries. It allows clients to request exactly the data they need, reducing over-fetching and....

Template Pattern explained simply
Apr 26 Software Architecture

Ever found yourself writing similar logic over and over, only to change a few steps each time? That’s exactly what the **Template Pattern** helps you solve. The **Template Pattern** is a....

Decorator Pattern explained simply
Apr 26 Software Architecture

When you want to **add new functionalities** to an object **without modifying its structure**, the **Decorator Pattern** comes to the rescue. The Decorator Pattern lets you dynamically **wrap**....

How stack works in function call
Mar 23 Application Security

## The Stack in Computer Science The stack is an important concept in computer science. If you are planning to learn reverse engineering, malware analyzing, exploitation, etc., this concept is a....

Docker - Interview preparation guide
May 08 Interview Guides

## What is Docker and why is it used? Docker is a platform for developing, shipping, and running applications in containers. Containers package an application with its dependencies, ensuring....

How does SLL work?
May 17 Cryptography

Every time you see that small padlock icon in your browser's address bar, you're witnessing one of the internet's most important security technologies at work. This tiny symbol represents....