If not, then only should he/she proceed to blind SQLi. Ideally, one would add an asterisk to find whether the target is vulnerable to classical injection. Our target in this attack is - the first take is to find out whether the target is vulnerable or not. makes it much easier for me to write the tutorial. That being said, blind SQLi involves a lot of guessing, and the fact that I can use union based sql injection (classical injection that we did already) to find out table names, etc. However, we're going to assume that it's not, and attack it without using any of the methods we used in the previous SQLi tutorial. The URL we're going to attack is vulnerable to classical SQLi.
So I'll have to use the same old website. I can't find a website which wouldn't mind being attacked, and exposed in public.
One first tried the classical attacks, and if they fail, then only they proceed to blind SQLi. It is hard to know whether we're doing it right or not. This is why it is called a blind SQL Injection. The site will not give any obvious responses to our attacks. Basically, a site which can be hacked into but not using classical attacks. We now have to find a website which is vulnerable to SQL Injection, but does not show error messages.
0 kommentar(er)
