Automating Boolean SQL Injection and Evading Filters

Published: 24 October 2023
on channel: IppSec
21,844 views, 571 likes

Sign up for Snyk at https://snyk.co/ippsec

00:00 - Talking about why I like SQL Boolean Injection
01:47 - Opening up the source code to the web app
02:00 - Snyk sponsor segment, talking about how it can find and fix vulnerabilities in your code in real time
04:30 - Demonstrating and validating boolean injection with an OR statement
07:00 - Showing a small Python client I made for this video to play with the SQL Injection, then showing subqueries
09:20 - Showing how to enumerate columns in the database via brute-force guessing, because we can't use information_schema
11:25 - Going over the LIMIT statement so we can control which row we are looking at, then showing LIMIT 2 OFFSET 1 is the same as LIMIT 1,1
15:00 - Showing the SUBSTR function so we can guess individual characters in a column/row
17:05 - Talking about converting a string to a number in MySQL, which makes it possible to guess characters that the filter blocks
21:45 - Start of creating our script, talking about the 3 functions we need, then creating one to dump the number of rows in a column
29:40 - Automating getting the length of a column in our row
32:40 - Automating exfiltrating the actual data and implementing a binary search/divide-and-conquer algorithm to speed our requests up
46:00 - Debugging our script
47:35 - Found the error: messed up the column name. Showing the algorithm we made to brute-force characters with BETWEEN
49:00 - Putting all the functions together to automate dumping all the data
54:50 - Showing SQLMap has trouble with this, especially because the function (GEOGRAPHY_AREA) it uses to fingerprint the app won't work, since it contains a bad character (the underscore)
57:10 - Cleaning up and explaining the code a little bit
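A defensive counterpart to the automation outlined in the chapters above, added here and not code from the video: a small Python detector that scans constructed access-log lines for the SUBSTR/LIMIT/BETWEEN probing the script relies on and flags a client whose BETWEEN bounds keep narrowing, which is the binary-search pattern from 32:40. The combined log format, the parameter name `q`, the table/column names and the sample IPs are assumptions.

```python
# Added detection example, not code from the video: flag boolean-blind SQL
# injection probing in web access logs. The client built in the video sends many
# near-identical requests that narrow a BETWEEN range on a SUBSTR() result.
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Building blocks of boolean-blind extraction as discussed in the video.
PROBE_RE = re.compile(
    r"\bSUBSTR\s*\(|\bBETWEEN\b|\bLIMIT\s+\d+\s*,\s*\d+|\bOR\s+1\s*=\s*1\b",
    re.IGNORECASE)
BETWEEN_RE = re.compile(r"\bBETWEEN\s+(\d+)\s+AND\s+(\d+)", re.IGNORECASE)
# Combined/common log format prefix, up to the request path (assumed format).
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (?P<path>\S+)')

def parse_probe(line):
    """Return (client_ip, decoded_query) when the request looks like a probe."""
    m = LOG_RE.match(line)
    if not m:
        return None
    query = unquote_plus(m.group("path").partition("?")[2])
    return (m.group("ip"), query) if PROBE_RE.search(query) else None

def find_probing_clients(lines, min_probes=3):
    """Report clients whose BETWEEN bounds keep narrowing (the binary search
    from the video) or that simply send at least min_probes probe requests."""
    probes = defaultdict(list)
    for line in lines:
        hit = parse_probe(line)
        if hit:
            probes[hit[0]].append(hit[1])
    findings = {}
    for ip, queries in probes.items():
        widths = [int(hi) - int(lo) for q in queries
                  for lo, hi in BETWEEN_RE.findall(q)]
        narrowing = len(widths) >= 2 and all(b < a for a, b in zip(widths, widths[1:]))
        if narrowing or len(queries) >= min_probes:
            findings[ip] = {"probes": len(queries), "binary_search": narrowing}
    return findings

# Constructed sample: 10.0.0.5 halves the range three times while guessing the
# first character of row 0; 10.0.0.9 is an ordinary search containing "between".
SAMPLE_LOG = [
    '10.0.0.5 - - [24/Oct/2023:10:00:01 +0000] "GET /search?q=a%27+OR+SUBSTR((SELECT+name+FROM+users+LIMIT+0,1),1,1)+BETWEEN+0+AND+127 HTTP/1.1" 200 512',
    '10.0.0.5 - - [24/Oct/2023:10:00:02 +0000] "GET /search?q=a%27+OR+SUBSTR((SELECT+name+FROM+users+LIMIT+0,1),1,1)+BETWEEN+64+AND+127 HTTP/1.1" 200 512',
    '10.0.0.5 - - [24/Oct/2023:10:00:03 +0000] "GET /search?q=a%27+OR+SUBSTR((SELECT+name+FROM+users+LIMIT+0,1),1,1)+BETWEEN+96+AND+127 HTTP/1.1" 200 31',
    '10.0.0.9 - - [24/Oct/2023:10:00:04 +0000] "GET /search?q=reading+between+the+lines HTTP/1.1" 200 2048',
]
```

A single keyword hit (the innocent "between" search) is never enough on its own; the client is reported only when its bounds narrow request after request or it crosses the probe threshold.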
