Wednesday, 25 January 2012

Injecting Insert statements: MySQL error based injection

Exploring my options

One night while banging injection payloads into a random page I suddenly found myself in an insert statement! This is when I got the idea to use insert statements for MySQL error based injection vectors.

Some people might be wondering: why on earth would one want to inject an insert? Would that even work?

The answer is YES! You can use INSERT statements to leak data via Error based injection, much like people already do using SELECT statements.

Sunday, 22 January 2012

Injecting javascript via MySQL error based injection

I've written about this in a couple of other articles, but I needed it to be on my new blog because it makes a good attack especially when dealing with MySQL databases, because:

  • MySQL on *nix servers can be configured pretty well, making access to the database very difficult and therefore pwnage can be very difficult!!
  • You have the ability to extend MySQL Error based injection into other attacks that may not be viable on the web application like:
    • non-persistent XSS
    • Defacement of the site
    • HTTP parameter pollution
    • DDoS (more on this in another post!!): using this web application to make requests to other servers at the expense of the person visiting the page