From beb9b511842df41b6e96b94fa6481d3c05d9f515 Mon Sep 17 00:00:00 2001 From: Tyler Perkins Date: Tue, 8 Mar 2022 14:15:01 -0500 Subject: [PATCH] Update for 08-03-22 14:15 --- tech/sqli.wiki | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/tech/sqli.wiki b/tech/sqli.wiki index 1a84fb5..d0a80ff 100644 --- a/tech/sqli.wiki +++ b/tech/sqli.wiki @@ -66,6 +66,29 @@ This would disable the password check, and return all rows to the application. Attacker can send another query after the intended query, allowing them to extract more information. +== Inferential attack == + +Inferential attacks occour when there is no actual transfer of data, but the +attack is able to reconstruct the information by sending particular requests +and observing the resulting behavior of the websites/database. + +=== Illegal or incorrect queries === + +A reconsiance step for attackers. By intenionally creating errors, attacker is +able to gather info from very verbose error pages + +=== Blind SQL injection === + +Attacker infer the data present in a database system even when the system is +secure enough to not show verbose error messages. The attacker asks server T/F +questions. If the query is true, the site functions like normal. + +== Solutions == + +* Defensive coding +* Paramterized query insertion +* Use Typesafe SQL DOM + == Also see == * [[sql]]