SQL second-order works differently; one page in the web application takes the malicious user input and some other function on some other page or some other application retrieves this malicious content and parses it as a part of the query. Automated scanners are unable to detect such issues. However, Burp has an implemented logic that helps an attacker find out SQL second-order vulnerabilities.
Second-order SQL injection
by Riyaz Ahemed Walikar, Dhruv Shah, Carlos A. Lozano
Hands-On Application Penetration Testing with Burp Suite
- Title Page
- Copyright and Credits
- Contributors
- About Packt
- Preface
- Configuring Burp Suite
- Configuring the Client and Setting Up Mobile Devices
- Setting up Firefox to work with Burp Suite (HTTP and HTTPS)
- Setting up Chrome to work with Burp Suite (HTTP and HTTPS)
- Setting up Internet Explorer to work with Burp Suite (HTTP and HTTPS)
- Additional browser add-ons that can be used to manage proxy settings
- Setting system-wide proxy for non-proxy-aware clients
- Setting up Android to work with Burp Suite
- Setting up iOS to work with Burp Suite
- Summary
- Executing an Application Penetration Test
- Exploring the Stages of an Application Penetration Test
- Preparing for an Application Penetration Test
- Identifying Vulnerabilities Using Burp Suite
- Detecting Vulnerabilities Using Burp Suite
- Exploiting Vulnerabilities Using Burp Suite - Part 1
- Data exfiltration via a blind Boolean-based SQL injection
- Executing OS commands using an SQL injection
- Executing an out-of-band command injection
- Stealing session credentials using XSS
- Taking control of the user's browser using XSS
- Extracting server files using XXE vulnerabilities
- Performing out-of-data extraction using XXE and Burp Suite collaborator
- Exploiting SSTI vulnerabilities to execute server commands
- Summary
- Exploiting Vulnerabilities Using Burp Suite - Part 2
- Using SSRF/XSPA to perform internal port scans
- Using SSRF/XSPA to extract data from internal machines
- Extracting data using Insecure Direct Object Reference (IDOR) flaws
- Exploiting security misconfigurations
- Using insecure deserialization to execute OS commands
- Exploiting crypto vulnerabilities
- Brute forcing HTTP basic authentication
- Brute forcing forms
- Bypassing file upload restrictions
- Summary
- Writing Burp Suite Extensions
- Breaking the Authentication for a Large Online Retailer
- Exploiting and Exfiltrating Data from a Large Shipping Corporation
- Other Books You May Enjoy
Second-order SQL injection
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.