Forum Thread: Blind SQL Injection

After a scan with Acunetix I found a vulnerability "Blind SQL Injection".

Now what should I do?

5 Responses

That depends on which way you want to go: manually or using a tool.

First of all, you should make sure that your recon tool did not accidentally generate a false positive, as many do just by nature. Browse the server until you find a URL ending in something like "id=12357". To see if it is vulnerable, type in an apostrophe (this thing: ') right after the number. If the page shows an error, or perhaps some elements of the page go missing, it is a vulnerable page!

Site admin OTW actually wrote a tutorial on using a tool in Kali Linux called "sqlmap" to uncover database files. You can find that here.

If you have permission to test... sqlmap can do a lot of things. But I would advise you to understand what SQL injection actually does, and how. Many things can result from SQL injection, like shell access.

Thank you all. To clarify, the site belongs to a friend of mine and I am one of its staff.

We are just checking the security of our site. I already tried sqlmap to enumerate the database with the string from the scan:

/search.php?sd=d&searchid=unanswered&sk=t&sr=topics&st=-1%27%20or%2085%20%3d%20%2783

but no results, other suggestions?

Sorry for my English, I use a translator.
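
For site owners who want to confirm a scanner finding like this one in their own code, the following is an added example (not code from the thread or from the site being tested). It runs the decoded `st` value from the request above, the lone apostrophe suggested in the replies, and a constructed always-true counterpart against a string-built query and its parameterized fix. SQLite stands in for the site's database, and the `topics` table, its columns and all function names are hypothetical.

```python
import sqlite3

def make_db():
    """Constructed sample data; the topics table and its columns are hypothetical."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE topics (id INTEGER PRIMARY KEY, title TEXT, days TEXT)")
    db.executemany("INSERT INTO topics (title, days) VALUES (?, ?)",
                   [("welcome", "7"), ("rules", "30"), ("faq", "30")])
    return db

def search_concat(db, st):
    # 'Before' form: the st value is pasted into the SQL text.
    sql = "SELECT title FROM topics WHERE days = '" + st + "'"
    return [row[0] for row in db.execute(sql)]

def search_param(db, st):
    # Corrected form: st is bound as data and is never parsed as SQL.
    sql = "SELECT title FROM topics WHERE days = ?"
    return [row[0] for row in db.execute(sql, (st,))]

def observe(search, db, st):
    """What is visible from outside: an error, or how many rows came back."""
    try:
        return len(search(db, st))
    except sqlite3.Error:
        return "error"

FALSE_PROBE = "-1' or 85 = '83"    # decoded st value from the scanner request
# Constructed always-true counterpart. Both sides are quoted because SQLite
# never treats an integer literal and a text literal as equal.
TRUE_PROBE = "-1' or '85' = '85"

def confirm(search):
    """A finding is real if a lone quote breaks the query or true/false differ."""
    db = make_db()
    quote = observe(search, db, "-1'")
    false_rows = observe(search, db, FALSE_PROBE)
    true_rows = observe(search, db, TRUE_PROBE)
    return {"quote": quote, "false": false_rows, "true": true_rows,
            "injectable": quote == "error" or false_rows != true_rows}

if __name__ == "__main__":
    print("concatenated :", confirm(search_concat))
    print("parameterized:", confirm(search_param))
```

If the parameterized form is already in place and all three inputs give the same response, the scanner result is a false positive for that parameter.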
