Comments on Haxxor Security: Speeding up Blind SQL Injections using Conditional Errors in MySQL
sid (http://www.notsosecure.com), 2011-07-09T11:37:11.033+02:00:
nice one, there is a similar approach which can be used described here: http://www.notsosecure.com/folder2/2009/09/30/more-on-true-and-error-blind-sql-injection/

bsqlbf already incorporates this mode

Mango, 2011-06-29T21:49:22.517+02:00:
@Anonymous (3)
I've now added a widget from PDF24 that can convert an article to PDF and send it to your email.

Mango, 2011-06-22T22:20:23.918+02:00:
@Qwazar
Thank you. I'll check it out.

@Anonymous (3)
I'll try to convert it to PDF in a couple of days. Check back then.

@Anonymous (2)
Cool. Thank you very much. Do you have a website or should I copy the code and host it at mine? And since you're anonymous, who should I credit?

As I said before "I'm actually working on a little script to use probability, statistics, letter frequencies and more to increase the speed on the binary-masks-8-reqs-per-char technique". So far it's just a php5 class. Maybe we could work together to include it in your script.
Please drop me an e-mail at h@xxor.se

Anonymous, 2011-06-22T16:27:00.880+02:00:
@Mango

Following our discussions. I had a PHP script that I developed to dump MySQL data using blind injections, with the "binary masks" technique - Code here:
http://pastebin.com/0tj4DDNF

Using your paper I modified the script to use the REGEXP subqueries technique, Code here:
http://pastebin.com/hmKQm2M7

Result: 30 secs for the binary masks version, 10 secs for the REGEXP version on the same SQL query.

You can see the output and test web page here:
http://pastebin.com/CYsEubsk

I hope you'll find this useful, may it help you in your further research.

Regards

Anonymous, 2011-06-22T10:40:57.463+02:00:
Hi,

Really cool article. Would you consider publishing a PDF version for easy offline reading?
Thanks

Qwazar (http://qwazar.ru), 2011-06-22T09:46:01.841+02:00:
Thanks for link to my post. Also you can read some other researches (in Russian), here: https://rdot.org/forum/showthread.php?t=245

And here: https://forum.antichat.ru/thread119047.html

Also some hints can be found in my blog and here: https://rdot.org/forum/showthread.php?t=118

And here: https://rdot.org/forum/showthread.php?t=60

I think Google Translate can help. Also it's recommended to read not only first page.

Mango, 2011-06-21T21:52:08.989+02:00:
@Anonymous (2)
You are right.

But I'm actually working on a little script to use probability, statistics, letter frequencies and more to increase the speed on the binary-masks-8-reqs-per-char technique. Check back in a couple of weeks and I should have it ready then.

Anonymous, 2011-06-21T21:31:07.335+02:00:
@Mango: Thank you for your quick reply.

Just to make it clear, to resume, this technique is useful only when "mysql_error()" error messages are displayed.

However, when the injection is "truly blind", i.e. generic message or no message, the fastest and most efficient way is still the binary-masks-8-reqs-per-char technique.

That was the point. This is clear now :)

Regards

Mango, 2011-06-21T20:59:51.196+02:00:
@Anonymous (2)
Thank you for your comment, I understand your critique and I will try to explain my angle.

The difference between a failed and a valid query usually is that the valid one returns 1 or more rows while the failed one returns 0 rows. What I'm doing is causing MySQL to throw an error. This often causes the web application to halt execution or to output some kind of error message.
If it shows a generic error message or just halts execution, that is still more than 10 times faster than delaying and timing the request. And if it outputs MySQL's error message, the number of requests can be reduced from 8 to 2-4.

Also what is a blind SQL injection could be debated. A truly blind one should not even be susceptible to delaying and timing using the benchmark function, and yet these are called blind.

Anonymous, 2011-06-21T20:21:22.065+02:00:
Nice post.

While I understand the process, what I don't get is the 'blind' part. Afaik, it is not fully blind since you need to have MySQL error messages, right?

If I understand your post correctly, you need to match the error returned by MySQL to determine which sub-query failed, and thus which ASCII range is the byte contained in.

But imagine a web app which says:
'Login failed' -> means query failed
'incorrect username or password' -> query is valid.

No MySQL error message. This is blind. Your method doesn't apply there.

Please correct me if I'm wrong :)

Mango, 2011-06-21T18:54:46.109+02:00:
@R00T_ATI
I see that you didn't even take the time to read through the whole article. You see I read through your whole paper when you published it and they are nothing alike.

Please try again.

@Anonymous
I've read the first article while trying to find similar research, and it lacks certain aspects.

But thank you for the second article in Russian. That author seemed to even have figured out one extra thing that I've missed.