Main Menu
Network
Sponsor
Top 10 Sites
Partners
|
|
| | Blind Injection in MySQL Databases | | Description | MySQL is not an easy database for Blind SQL Injection: it displays no errors when an UNION occours between two columns of different type and there isn't a way to make a query displaying errors from parameters passed inside the query itself. Many times happens that auditing the code of a php/MySQL application, we find an injection vulnerability that is not exploitable, because we cannot see the output or we see always an error cause the value retrieved is passed to multiple queries with a different numbers of columns before the script ends. In this cases the SELECT...UNION statement isn't enough. Or not? | | OS | | | Author | | | Submitted | 2005-02-27 16:50:02 by DiMan | | File size | 0.01mb | | Downloads | 679 (1 downloads/day) | |
|
|
|
InterJOB.su
|
