WebApp Sec mailing list archives

Deep Blind SQL Injection Whitepaper

From: "Ferruh Mavituna" <ferruh () mavituna com>
Date: Tue, 19 Aug 2008 14:38:55 +0100

This is a short whitepaper about a new way to exploit Blind SQL
Injections. It's implemented in BSQL Hacker (
http://labs.portcullis.co.uk/application/bsql-hacker/ ).

It is possible gather information from a target server with a 66%
reduction in the number of requests made of the server (compared to
normal Blind SQL Injection), requiring two rather than six requests to
retrieve each char.

Download:
https://labs.portcullis.co.uk/download/Deep_Blind_SQL_Injection.pdf



Regards,

--
Ferruh Mavituna
http://ferruh.mavituna.com

-------------------------------------------------------------------------
Sponsored by: Watchfire 
Methodologies & Tools for Web Application Security Assessment 
With the rapid rise in the number and types of security threats, web application security assessments should be 
considered a crucial phase in the development of any web application. What methodology should be followed? What tools 
can accelerate the assessment process? Download this Whitepaper today! 

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------

Current thread:

Deep Blind SQL Injection Whitepaper Ferruh Mavituna (Aug 21)
- Re: Deep Blind SQL Injection Whitepaper Haroon Meer (Aug 21)