An attacker launches an SQL injection attack on a web application by trying to force the application requesting the back-end database to perform multiple SELECT queries. Which technique exploits the SQL injection vulnerability on the web application?

  • Post author:
  • Post category:Blog
  • Reading time:2 mins read
  • Post last modified:June 12, 2024

An attacker launches an SQL injection attack on a web application by trying to force the application requesting the back-end database to perform multiple SELECT queries. Which technique exploits the SQL injection vulnerability on the web application?

  • Boolean 
  • Error-based 
  • Out-of-band 
  • Union operator 
  • Time delay

Explanation & Hint:

There are essentially five techniques that can be used to exploit SQL injection vulnerabilities:

  • Union operator – Typically used when an SQL injection vulnerability allows a SELECT statement to combine two queries into a single result or a set of results.
  • Boolean – Used to verify whether certain conditions are true or false.
  • Error-based – Used to force the database to generate an error to enhance and refine an attack (injection).
  • Out-of-band – Used to obtain records from the database by using a different channel.
  • Time delay – It is possible to use database commands to delay answers.

For more Questions and Answers:

6.13.3 Quiz – Performing Post-Exploitation Techniques Answers Full 100%

Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments