Greetings everyone! Hope all is going well. In this blog we will explore one of the most critical vulnerabilities: time-delay (time-based) blind SQL injection. As we all know, websites commonly use a database; whenever a user requests specific data, the application fetches or manipulates the data they need, which is what happens in most of our web applications. In programming terms, developers write those queries in SQL.
But sometimes the website is developed in a weak way that allows us to manipulate the query sent to the database.
What is Blind SQL Injection?
In blind SQL injection we ask the database a question (true or false) and verify the actual issue according to the server's response. In the time-delay variant we send an SQL command that forces the database to delay its response for a set time; an attacker or tester can then confirm the issue simply by looking at how long the response takes.
Basic Blind SQL Injection With time delay:
To demonstrate, we will go through the basic PortSwigger lab.
To check for blind SQL injection with a time delay we basically force the database to sleep for a specific time.
Where we have to look for the issue:
- Parameters
- Endpoints
- Login / signup forms
- Any user-input parameter
- Cookies
To verify, we have our target site as in the picture below.
To check its response we need to set up the Burp environment and capture the request of the current page in Burp by refreshing the page. Now,
- As in the picture above, we successfully captured the request and sent it to the Repeater tab, where we see the “TrackingID=” cookie.
- Let's try to exploit it for time-delay blind SQLi. Don't forget to test every parameter and endpoint, otherwise you will miss it.
- We know that to check for SQLi we basically start with a single quote ', which helps us quickly discover the SQLi.
- As in the picture above, we added ' at the end of the TrackingID= parameter value and got a 200 OK response. We have not found anything yet, but don't stop at one phase; we have different techniques to perform a successful attack.
- Now we will use an SQL query that forces the database to sleep for a specific time.
- As in the picture above, we supplied '||pg_sleep(10)-- and the response we got means we forced the database to sleep for 10 seconds.
- Now increase the value from 10 to 20 to force the database to sleep for 20 seconds: '||pg_sleep(20)--
- As the response shows, we were able to force the database to sleep for 20 seconds.
- The response took 20,198 milliseconds, so we have successfully verified that there is a time-delay blind SQLi in our targeted website.
- In the post above we saw how a tester or attacker looks for blind SQLi using the time-delay method and how the issue is verified. Hope you enjoyed it or learned something!
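The same two signals the tester relies on above (a time-delay function in the input and a response that takes seconds instead of milliseconds) are what a defender should be looking for in access logs. The following script is an added example and is not code from the original post or from the PortSwigger lab. It assumes a simplified log format (client IP, request line, status, response time in milliseconds, Cookie header) and uses constructed sample lines that mirror the lab walkthrough: a normal baseline, the quote probe, the pg_sleep(10) and pg_sleep(20) payloads (one of them URL-encoded), and an unrelated slow request. It scores each line on whether a delay payload is present and whether the response was abnormally slow relative to the median.

```python
import re
from dataclasses import dataclass
from statistics import median
from urllib.parse import unquote_plus

# Constructed sample log lines (not from the original post). Assumed format per line:
#   client_ip "request_line" status response_time_ms "Cookie-header-value"
SAMPLE_LOG = """\
10.0.0.5 "GET / HTTP/1.1" 200 212 "TrackingId=Abc123Xyz"
10.0.0.5 "GET / HTTP/1.1" 200 198 "TrackingId=Abc123Xyz"
10.0.0.5 "GET /filter?category=Gifts HTTP/1.1" 200 231 "TrackingId=Abc123Xyz"
10.0.0.9 "GET / HTTP/1.1" 200 205 "TrackingId=Abc123Xyz'"
10.0.0.9 "GET / HTTP/1.1" 200 10241 "TrackingId=Abc123Xyz'||pg_sleep(10)--"
10.0.0.9 "GET / HTTP/1.1" 200 20198 "TrackingId=Abc123Xyz'%7C%7Cpg_sleep(20)--"
10.0.0.7 "GET /report HTTP/1.1" 200 9870 "TrackingId=Qrs456"
"""

LOG_LINE = re.compile(r'^(\S+) "([^"]*)" (\d{3}) (\d+) "([^"]*)"$')

# Time-delay functions of the common engines: pg_sleep is PostgreSQL (the one used
# in the lab above); sleep(), waitfor delay and benchmark() are the MySQL/MSSQL equivalents.
TIME_DELAY_SIGNATURE = re.compile(
    r"pg_sleep\s*\(|\bsleep\s*\(|waitfor\s+delay|benchmark\s*\(", re.IGNORECASE
)


@dataclass
class Finding:
    client: str
    request: str
    cookie: str
    response_ms: int
    indicators: tuple
    severity: str


def has_time_delay_signature(value: str) -> bool:
    """True if a raw or URL-encoded input contains a database time-delay call."""
    return bool(TIME_DELAY_SIGNATURE.search(unquote_plus(value)))


def parse_log(text: str):
    """Parse the assumed log format into (client, request, status, ms, cookie) rows."""
    rows = []
    for line in text.splitlines():
        m = LOG_LINE.match(line.strip())
        if m:
            client, request, status, ms, cookie = m.groups()
            rows.append((client, request, int(status), int(ms), cookie))
    return rows


def analyze(text: str, slow_factor: int = 10, slow_floor_ms: int = 2000):
    """Flag requests carrying a delay payload and/or an abnormally slow response."""
    rows = parse_log(text)
    if not rows:
        return []
    # Baseline from the median response time; a few slow outliers barely move it.
    baseline = median(r[3] for r in rows)
    threshold = max(baseline * slow_factor, slow_floor_ms)
    findings = []
    for client, request, status, ms, cookie in rows:
        indicators = []
        if has_time_delay_signature(cookie) or has_time_delay_signature(request):
            indicators.append("time-delay payload")
        if ms > threshold:
            indicators.append("slow response")
        if not indicators:
            continue
        if len(indicators) == 2:
            severity = "high"    # payload present AND the server actually stalled
        elif indicators == ["time-delay payload"]:
            severity = "medium"  # attempt seen, but no delay observed
        else:
            severity = "low"     # slow for some other reason; worth a look, not an alert
        findings.append(Finding(client, request, cookie, ms, tuple(indicators), severity))
    return findings


if __name__ == "__main__":
    for f in analyze(SAMPLE_LOG):
        print(f"{f.severity:6} {f.client:9} {f.response_ms:6} ms  {f.indicators}  {f.cookie}")
```

On the sample lines the two pg_sleep requests come out as high (payload plus a stall of roughly 10 and 20 seconds), the slow /report request as low, and the bare quote probe is not flagged at all; in a real deployment you would pair this with the quote-probe pattern and a per-client counter, since the walkthrough shows the payloads arriving as an escalating sequence from one source.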
Common Mitigations Against the Risk:
- Whitelist (allow-list) input validation
- Escaping all user-supplied input
- Consider a web application firewall (WAF)
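To make the mitigations concrete, here is an added example (not code from the original post or from the lab) of the cookie lookup written the vulnerable way, with string concatenation, beside the same lookup written with a parameterized query and an allow-list check on the tracking ID. It uses an in-memory SQLite database in place of the lab's PostgreSQL, so pg_sleep is not available; the `||` concatenation operator from the lab's payload stands in to show that injected text is interpreted as SQL in the concatenated version and treated as a plain value in the parameterized one. The table name, the sample tracking ID and the assumption that tracking IDs are 8 to 32 alphanumeric characters are all constructed for the example.

```python
import re
import sqlite3

# Constructed schema and sample row for the example (not from the original post).
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE tracking (id TEXT PRIMARY KEY)")
    conn.execute("INSERT INTO tracking VALUES ('Abc123Xyz')")
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, tracking_id: str) -> bool:
    # The cookie value is pasted into the SQL text, so quotes and operators in it
    # become part of the query the database parses.
    sql = "SELECT id FROM tracking WHERE id = '" + tracking_id + "'"
    return conn.execute(sql).fetchone() is not None


def lookup_parameterized(conn: sqlite3.Connection, tracking_id: str) -> bool:
    # The value travels separately from the query text; it can only ever be
    # compared as a string, never change the query's structure.
    row = conn.execute("SELECT id FROM tracking WHERE id = ?", (tracking_id,)).fetchone()
    return row is not None


# Allow-list: assumed format for a tracking ID (8-32 alphanumeric characters).
TRACKING_ID_ALLOWED = re.compile(r"[A-Za-z0-9]{8,32}")


def validate_tracking_id(value: str) -> bool:
    return TRACKING_ID_ALLOWED.fullmatch(value) is not None


def safe_lookup(conn: sqlite3.Connection, tracking_id: str) -> str:
    """Validate first, then query with a placeholder: defence in depth."""
    if not validate_tracking_id(tracking_id):
        return "rejected"
    return "match" if lookup_parameterized(conn, tracking_id) else "no match"


def query_outcome(lookup, conn: sqlite3.Connection, tracking_id: str) -> str:
    """Run a lookup and report match / no match / error instead of raising."""
    try:
        return "match" if lookup(conn, tracking_id) else "no match"
    except sqlite3.OperationalError:
        return "error"


if __name__ == "__main__":
    conn = make_db()
    for value in ["Abc123Xyz", "Abc123Xyz'", "Abc123X'||'yz", "Abc123Xyz'||pg_sleep(10)--"]:
        print(f"{value!r:32} concatenated={query_outcome(lookup_vulnerable, conn, value):8} "
              f"parameterized={query_outcome(lookup_parameterized, conn, value):8} "
              f"safe={safe_lookup(conn, value)}")
```

The single-quote probe from the walkthrough breaks the concatenated query (an SQL error, the first hint a tester looks for) while the parameterized version simply finds no matching row; `Abc123X'||'yz` matches the stored ID only in the concatenated version, because there the `||` is executed as SQL, which is exactly the mechanism the pg_sleep payload rides on. The allow-list rejects every payload before it reaches the database, but the parameterized query is the control that removes the injection even when validation is missing, so use both.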
Thanks for reading... See you in another blog!
Stick With Our Blog: Click Here
Author
Pallab Jyoti Borah
VAPT Analyst