Your first task is to discover the number of columns returned by the original
query being executed by the application. There are two ways of achieving this:

■ You can exploit the fact that NULL is convertible to any data type to
systematically inject queries with different numbers of columns, until your
injected query is executed, for example:

    ' UNION SELECT NULL--
    ' UNION SELECT NULL, NULL--
    ' UNION SELECT NULL, NULL, NULL--

When your query is executed, you have determined the number of columns
required. If database error messages are not being returned by the
application, you can still tell when your injected query was successful
because an additional row of data will be returned, containing either the
word NULL
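The following is an added example, not from the original text: it reproduces the observable described above (a column-count error for too few NULLs, an extra all-NULL row once the count matches) against a constructed in-memory SQLite table, and shows that a parameterized query removes that signal because the input is only ever bound as a value. The table, rows and function names are assumptions made for the demonstration.

```python
import sqlite3

# Constructed in-memory table standing in for the application's lookup query.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE items (id INTEGER, name TEXT, price REAL)")
    conn.executemany("INSERT INTO items VALUES (?, ?, ?)",
                     [(1, "widget", 9.99), (2, "gadget", 19.99)])
    return conn

def lookup_vulnerable(conn, name):
    """Vulnerable: the parameter is concatenated straight into the query text."""
    sql = "SELECT id, name, price FROM items WHERE name = '" + name + "'"
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.OperationalError as err:
        return str(err)  # a verbose application would echo this column-count error

def lookup_safe(conn, name):
    """Hardened: a bound parameter is always a value, never part of the SQL."""
    return conn.execute(
        "SELECT id, name, price FROM items WHERE name = ?", (name,)).fetchall()

# The three probes from the text, appended to an otherwise valid value.
PROBES = [
    "widget' UNION SELECT NULL--",
    "widget' UNION SELECT NULL, NULL--",
    "widget' UNION SELECT NULL, NULL, NULL--",
]

def has_extra_null_row(result):
    """The success signal the text describes: an additional row that is all NULL."""
    return isinstance(result, list) and any(
        all(value is None for value in row) for row in result)

def run_probes(lookup, conn):
    """Map each probe to whether the injected UNION was actually executed."""
    outcome = {}
    for probe in PROBES:
        outcome[probe] = has_extra_null_row(lookup(conn, probe))
    return outcome

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", run_probes(lookup_vulnerable, db))  # only the 3-column probe succeeds
    print("safe:      ", run_probes(lookup_safe, db))        # no probe succeeds
```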