SQL Injection: Out-of-Band Exploitation

This is an advanced SQL Injection (SQLi) post, if you’re new to SQLi maybe try this one first:¬†Basics and Defence Recently I had a fairly slow Time-Based SQL injection vulnerability, meaning that I could only pull a single character at a time with SQLmap and each character took around 10 seconds to retrieve. An alternative approach in this situation is to use out-of-band retrieval.  This is a concept that can be used when exploiting lots of vulnerabilities such as SQL Injection, Command Injection, Cross-site Scripting and XML External Entity Injection. The idea is fairly simple, instead of capturing the data …

Read More