SQL Injection can be broken up into
3 classes:
Inband
data is extracted using the same channel that is used to inject the SQL code.
This is the most straightforward kind of attack, in which the retrieved data is presented
directly in the application web page
Out of Band
data is retrieved using a different channel (e.g.: an email with the results of
the query is generated and sent to the tester)
Inferential
there is no actual transfer of data, but the tester is able to reconstruct the
information by sending particular requests and observing the resulting behaviour of the
website/DB Server.
- Joseph McCray
Users browsing this forum: No registered users and 0 guests