Question

Jason, a penetration tester, is testing a web application that he knows is vulnerable to an SQL injection but the results of the injection are not visible to him. He tried waitfor delay command to check the SQL execution status which confirmed the presence of the SQL injection vulnerability. Which type of SQL injection Jason is attempting on the web application?

Blind SQL injection
Error-based SQL injection
UNION SQL Injection
Simple SQL Injection

Answer 1

Blind SQL injection

Step-by-step explanation:

• SQL Injection is a database hacking technique.
• It uses a series of SQL queries to get access to the Database Management System ( DBMS ).
• The hacker ( unauthorized user ) tries to find the login credentials of the database system.
• SQL Injection are of multiple types. One such technique is Blind SQL Injection.
• Here the attacker is using wait for delay command which implies the attacker is using the time based SQL injection.
• The time based SQL Injection is " Blind SQL Injection "
• In this type of SQL Injection, the attacker uses True / False questions on the database and the web application.
• Here, the attacker asks the True / False questions to the database with some delay in the query and sees the response in the web application. In this way, the attacker tries to hack the database.
• Ex: The attacker tries to find the database name by using SQL queries with the query meaning to "If the first letter of database name is 'A' wait for 10 secs " next "If the first letter of database name is 'B' wait for 10 secs " and so on till "If the first letter of database name is 'Z' wait for 10 secs" till finding the whole database name.
• So, option (a) is correct.
• Options (b), (c) and (d) are different type of SQL Injections which don't involve wait delay. SO, options (b), (c) , (d) are not the correct options.