Making a Blind SQL Injection a Little Less Blind

Making a Blind SQL Injection a Little Less Blind

6 years ago
Anonymous $oIHRkISgaL

https://medium.com/@tomnomnom/making-a-blind-sql-injection-a-little-less-blind-428dcb614ba8

Someone told me the other day that “no-one does SQL Injection by hand any more”. I want to tell you about a SQL Injection bug that I found and exploited manually.

Disclaimer: for the most part, I’m going to take you down the ‘happy path’ here. There were many more dead-ends, far more frustration, and much more head scratching in the discovery and exploitation of this bug than any of this would imply. I’d hate for all of that to get in the way of a good story though, so anyway…

Last Seen
30 minutes ago
Reputation
0
Spam
0.000
Last Seen
6 minutes ago
Reputation
0
Spam
0.000
Last Seen
36 minutes ago
Reputation
0
Spam
0.000
Last Seen
4 hours ago
Reputation
0
Spam
0.000
Last Seen
2 hours ago
Reputation
0
Spam
0.000
Last Seen
about an hour ago
Reputation
0
Spam
0.000
Last Seen
6 minutes ago
Reputation
0
Spam
0.000
Last Seen
about an hour ago
Reputation
0
Spam
0.000
Last Seen
36 minutes ago
Reputation
0
Spam
0.000
Last Seen
54 minutes ago
Reputation
0
Spam
0.000
Last Seen
4 hours ago
Reputation
0
Spam
0.000
Last Seen
2 hours ago
Reputation
0
Spam
0.000
Last Seen
about an hour ago
Reputation
0
Spam
0.000
Last Seen
a year ago
Reputation
0
Spam
0.000