Daniel is a professional hacker who is attempting to perform an SQL injection attack on a target website, www.moviescope.com. During this process, he encountered an IDS that detects SQL injection attempts based on predefined signatures. To evade any comparison statement, he attempted placing characters such as ‘” or ‘1’=’1″ in any basic injection statement such “or 1=1.” Identify the evasion technique used by Daniel in the above scenario.
Option 1 : Variation
Option 2 : IP fragmentation
Option 3 : Null byte
Option 4 : Char encoding
One may append the comment “–” operator along with the String for the username and whole avoid executing the password segment of the SQL query. Everything when the — operator would be considered as comment and not dead.
To launch such an attack, the value passed for name could be ’OR ‘1’=‘1’ ; —
Statement = “SELECT * FROM ‘CustomerDB’ WHERE ‘name’ = ‘ ”+ userName + “ ‘ AND ‘password’ = ‘ ” + passwd + “ ‘ ; ”
Statement = “SELECT * FROM ‘CustomerDB’ WHERE ‘name’ = ‘ ’ OR ‘1’=‘1‘;– + “ ‘ AND ‘password’ = ‘ ” + passwd + “ ‘ ; ”
All the records from the customer database would be listed.
Yet, another variation of the SQL Injection Attack can be conducted in dbms systems that allow multiple SQL injection statements. Here, we will also create use of the vulnerability in sure dbms whereby a user provided field isn’t strongly used in or isn’t checked for sort constraints.
This could take place once a numeric field is to be employed in a SQL statement; but, the programmer makes no checks to validate that the user supplied input is numeric.
2. IP fragmentation
IP fragmentation attacks are a common type of denial of service attack, during which the perpetrator overbears a network by exploiting datagram fragmentation mechanisms.
Understanding the attack starts with understanding the method of ip fragmentation, a communication procedure during which ip datagrams area unit broken down into little packets, transmitted across a network so reassembled back to the first datagram.
Fragmentation is necessary for data transmission, as each network has a unique limit for the scale of datagrams that it will method. This limit is understood because the most transmission unit (MTU). If a datagram is being sent that’s larger than the receiving server’s MTU, it’s to be fragmented so as to be transmitted completely.
3. Null byte
Null byte Injection is an exploitation technique wont to bypass sanity checking filters in infrastructure by adding URL-encoded null byte characters (i.e., %00, or 0x00 in hex) to the user-supplied knowledge. This injection method will alter the intended logic of the application and permit an offender to urge unauthorized access to system files.
Most web applications today are developed using higher-level languages like PHP, ASP, Perl, and Java. However, these net applications at some point need process of high-level code at the system level and this method is sometimes accomplished using C/C++ functions. the various nature of those dependent technologies has resulted within the Null byte Injection (aka Null byte Poisoning) attack.
How will Null byte Injection work?
All languages of the web are exploitable with this if your code is not sanitizing input -OR- parsing files properly. Null bytes are put in situ to terminate strings or be a place holder in code, and injecting these into URLs will cause net applications to not know once to terminate strings and manipulate the applications for purposes like LFI/RFI (Local and Remote File Inclusion).
4. Char encoding
In computing, information storage, and information transmission, character encoding is employed to represent a repertoire of characters by some kind of kind of system that assigns variety to every character for digital representation. depending on the abstraction level and context, corresponding code points and the ensuing code space is also regarded as bit patterns, octets, natural numbers, electrical pulses, etc. a personality encoding is used in computation, information storage, and transmission of matter information. “Character set”, “character map”, “codeset” and “code page” are connected, but not identical, terms.
Early character codes related to the optical or electrical telegraph may solely represent a set of the characters employed in written languages, typically restricted to upper-case letter letters, numerals and a few punctuation upper case. The low price of digital representation of knowledge in trendy pc systems allows a lot of elaborate character codes (such as Unicode) that represent most of the characters employed in several written languages. Character coding using internationally accepted standards permits worldwide interchange of text in electronic kind.
Learn CEH & Think like hacker
- What is Ethical Hacking? & Types of Hacking
- 5 Phases of Hacking
- 8 Most Common Types of Hacker Motivations
- What are different types of attacks on a system
- Scope and Limitations of Ethical Hacking
- TEN Different Types Of Hackers
- What is the Foot-printing?
- Top 12 steps for Footprinting Penetration Testing
- Different types of tools with Email Footprinting
- What is “Anonymizer” & Types of Anonymizers
- Top DNS Interrogation Tools
- What is SNMP Enumeration?
- Top vulnerability scanning tools
- Information Security of Threat
- Footprinting tools:
- What is Enumeration?
- Network Security Controls
- What is Identity and Access Management?
- OWASP high TEN web application security risks
- Password Attacks
- Defend Against Key loggers
- Defend Against Spyware
- Covering Tracks
- Covering Track on Networks
- Everything You Need To Know About Sniffing – Part 1
- Everything You Need To Know About Sniffing – Part 2
- Learn more about GPS Spyware & Apparatuses
- Introduction of USB Spyware and It’s types
- 10 Types of Identity Theft You Should Know About
- Concepts of Denial-of-Service Attack & Distributed Denial of Service Attack
- Most Effective Ways to Overcome Impersonation on the Social Networking Site’s Problem
- How Dynamic Host Configuration Protocol (DHCP) Works
- DHCP Request/Reply Messages
- DHCP Starvation Attack
- Rogue DHCP Server Attack
- IOS Switch Commands
- Web Server Concept
- Web Server Attacks
- Web Server Attack Tools
- Web Server Security Tools
- 6 Quick Methodology For Web Server Attack
- Learn Skills From Web Server Foot Printing / Banner Grabbing
- The 10 Secrets You Will Never Know About Cyber Security And Its Important?
- Ways To Learn Finding Default Content Of Web Server Effectively
- How will Social Engineering be in the Future
- Understand The Background Of Top 9 Challenges IT Leaders Will Face In 2020 Now
- Learning Good Ways To Protect Yourself From Identity Theft
- Anti-phishing Tools Guide
This Blog Article is posted by
Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092
Contact us – www.info-savvy.com