sqli-labs ---- Less-8 & Less-9 & Less-10

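This article introduces the concept of Blind SQL Injection, an attack that infers database information from the application's responses. When error messages are not displayed, the attacker obtains data by asking a series of true-or-false questions. Using sqli-labs Less-8 (boolean-based blind injection) and Less-9 (time-based blind injection) as examples, it shows how a blind injection attack is carried out. For the Less-8 code, it shows how the query result is handled and how the possibility of injection is determined when no error messages are available.
Summary generated by CSDN using AI technology.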

Quoting the OWASP introduction to Blind SQL Injection:

Blind SQL (Structured Query Language) injection is a type of SQL Injection attack that asks the database true or false questions and determines the answer based on the application's response. This attack is often used when the web application is configured to show generic error messages, but has not mitigated the code that is vulnerable to SQL injection.

When an attacker exploits SQL injection, sometimes the web application displays error messages from the database complaining that the SQL Query's syntax is incorrect. Blind SQL injection is nearly identical to normal SQL Injection, the only difference being the way the data is retrieved from the database. When
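The true/false behaviour described in the quote can be reproduced and tested for in a lab. The following is an added example, not code from the original post or from sqli-labs: it uses an in-memory SQLite database with a constructed `users` table, and the function names and response strings are assumptions. It shows a lookup that suppresses database errors yet still answers true/false questions, next to a parameterized version that does not.

```python
import sqlite3

RESP_FOUND = "record found"   # generic page shown when a row matches (assumed wording)
RESP_NONE = ""                # generic page shown otherwise; DB errors are hidden too

def make_db():
    # Constructed sample data for the demonstration.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id TEXT PRIMARY KEY, username TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", [("1", "alice"), ("2", "bob")])
    return db

def lookup_vulnerable(db, user_id):
    # The input is concatenated into the statement, so it can extend the WHERE clause.
    sql = "SELECT username FROM users WHERE id = '" + user_id + "' LIMIT 1"
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error:
        return RESP_NONE      # hiding the error does not remove the flaw
    return RESP_FOUND if row else RESP_NONE

def lookup_hardened(db, user_id):
    # Bound parameter: the input is only ever compared as a value.
    row = db.execute(
        "SELECT username FROM users WHERE id = ? LIMIT 1", (user_id,)
    ).fetchone()
    return RESP_FOUND if row else RESP_NONE

def has_boolean_oracle(lookup, db):
    # Same id with an always-true and an always-false condition appended.
    # If the two responses differ, the page answers true/false questions.
    always_true = lookup(db, "1' AND '1'='1")
    always_false = lookup(db, "1' AND '1'='2")
    return always_true != always_false

if __name__ == "__main__":
    db = make_db()
    print("vulnerable lookup leaks:", has_boolean_oracle(lookup_vulnerable, db))
    print("hardened lookup leaks:  ", has_boolean_oracle(lookup_hardened, db))
```

The `has_boolean_oracle` check works as a regression test: it should stay `False` for every query path that takes user input.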
