SQL injections are probably the most common vulnerability in Internet applications. They allow for injecting user selected input in database queries, getting access to sensitive data. Blind SQL Injections have the characteristic of never returning data directly. Instead, they give a 1-bit information about the success of the query. Queries can be iterated so to dump a whole database but this typically requires a long time. In the case of high latency networks this might become too long and more likely noticed by system administrators. We improve standard Blind SQL Injection techniques by considering probability-based and dictionary-based searches and by parallelising the queries. We show that these improvements make the attack much faster and effective even in high-latency networks.

Fast SQL Blind Injections in High Latency Networks.

FOCARDI, Riccardo;LUCCIO, Flaminia;SQUARCINA, MARCO
2012

Abstract

SQL injections are probably the most common vulnerability in Internet applications. They allow for injecting user selected input in database queries, getting access to sensitive data. Blind SQL Injections have the characteristic of never returning data directly. Instead, they give a 1-bit information about the success of the query. Queries can be iterated so to dump a whole database but this typically requires a long time. In the case of high latency networks this might become too long and more likely noticed by system administrators. We improve standard Blind SQL Injection techniques by considering probability-based and dictionary-based searches and by parallelising the queries. We show that these improvements make the attack much faster and effective even in high-latency networks.
IEEE-AESS Estel Conference - ESTEL 2012
File in questo prodotto:
File Dimensione Formato  
ESTEL12.pdf

non disponibili

Tipologia: Documento in Post-print
Licenza: Accesso chiuso-personale
Dimensione 182.96 kB
Formato Adobe PDF
182.96 kB Adobe PDF   Visualizza/Apri

I documenti in ARCA sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/10278/38619
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 8
  • ???jsp.display-item.citation.isi??? 0
social impact