Blind SQL Injection

Posted in Internet Security Whitepapers, SQL Injection

0.0/5 rating (0 votes)

Hackers typically test for SQL injection vulnerabilities by sending the application input that would cause the server to generate an invalid SQL query. If the server then returns an error message to the client, the attacker will attempt to reverse-engineer portions of the original SQL query using information gained from these error messages. The typical administrative safeguard is simply to prohibit the display of database server error messages. Regrettably, that's not sufficient.
∙:∙ If you have trouble viewing this document, please click the link below!
Blind SQL Injection

Comments (0)

Leave a comment

Please login to leave a comment. Optional login below.