1
00:00:15,430 --> 00:00:21,940
So, we had an introduction to SQL injection attacks. In this video, we will see different types

2
00:00:21,940 --> 00:00:23,590
of SQL injection attacks.

3
00:00:24,670 --> 00:00:32,980
SQL injection can be classified into three major categories: in-band SQL injection, inferential SQL injection

4
00:00:33,250 --> 00:00:35,590
and out-of-band SQL injection.

5
00:00:36,040 --> 00:00:38,770
The first is in-band SQL injection.

6
00:00:39,880 --> 00:00:47,090
In-band SQL injection is the most common and easy to exploit out of all the SQL injection attacks. In-band

7
00:00:47,090 --> 00:00:52,760
SQL injection occurs when an attacker is able to use the same communication channel to both launch the

8
00:00:52,760 --> 00:00:54,150
attack and get the results.

9
00:00:54,800 --> 00:00:58,480
The two most common types of in-band SQL injection are error-based

10
00:00:58,550 --> 00:01:02,060
SQL injection and union-based SQL injection.

11
00:01:02,460 --> 00:01:05,080
We will see these two types in this lecture.

12
00:01:05,930 --> 00:01:13,070
Error-based SQL injection. Error-based SQL injection is an in-band SQL injection technique that

13
00:01:13,070 --> 00:01:19,040
relies on error messages thrown by the database server to obtain information about the structure of

14
00:01:19,040 --> 00:01:19,780
the database.

15
00:01:20,300 --> 00:01:26,990
In some cases, error-based SQL injection alone is enough for an attacker to enumerate an entire database.

16
00:01:27,830 --> 00:01:29,330
While errors are very useful

17
00:01:29,330 --> 00:01:35,090
during the development phase of a web application, they should be disabled on a live site, or logged to a file

18
00:01:35,300 --> 00:01:36,990
with restricted access instead.

19
00:01:38,150 --> 00:01:40,400
The next is union-based SQL injection.

20
00:01:41,370 --> 00:01:47,700
Union-based SQL injection is an in-band SQL injection technique that leverages the UNION SQL operator

21
00:01:47,700 --> 00:01:53,790
to combine the results of two or more SELECT statements into a single result, which is then returned

22
00:01:53,790 --> 00:01:55,410
as a part of the HTTP response.

23
00:01:55,570 --> 00:02:00,430
But the next is inferential SQL injection, which is the second type.

24
00:02:01,450 --> 00:02:07,170
Inferential SQL injection, unlike in-band SQL injection, may take longer for an attacker to exploit.

25
00:02:07,690 --> 00:02:15,360
However, it is just as dangerous as any other form of SQL injection. In an inferential SQL injection attack,

26
00:02:15,850 --> 00:02:21,250
no data is actually transferred via the web application and the attacker would not be able to see the

27
00:02:21,250 --> 00:02:22,240
result of an attack

28
00:02:22,390 --> 00:02:27,940
in-band, which is why such attacks are commonly referred to as blind injection attacks.

29
00:02:28,960 --> 00:02:34,660
Instead, an attacker is able to reconstruct the database structure by sending payloads, observing

30
00:02:34,660 --> 00:02:38,800
the web application's response and the resulting behavior of the database server.

31
00:02:39,750 --> 00:02:47,100
The two major types of inferential SQL injection are blind Boolean-based SQL injection and blind time-based

32
00:02:47,100 --> 00:02:47,960
SQL injection.

33
00:02:48,780 --> 00:02:54,150
The first which you are going to learn in inferential SQL injection is Boolean-based blind SQL

34
00:02:54,150 --> 00:03:00,660
injection. Boolean-based SQL injection is an inferential SQL injection technique that relies

35
00:03:00,660 --> 00:03:06,960
on sending a query to the database, which forces the application to return a different result, depending

36
00:03:06,960 --> 00:03:09,560
on whether the query returns a true or false result.

37
00:03:10,480 --> 00:03:15,610
Depending on the result, the content within the HTTP response will change or remain the same.

38
00:03:16,180 --> 00:03:22,300
This allows an attacker to infer if the payload used returned true or false, even though no data from

39
00:03:22,300 --> 00:03:23,440
the database is returned.

40
00:03:24,450 --> 00:03:30,870
This attack is typically slow, especially on large databases, since an attacker would need to enumerate a

41
00:03:30,870 --> 00:03:32,680
database character by character.

42
00:03:33,480 --> 00:03:36,090
The next is time-based blind SQL injection.

43
00:03:37,280 --> 00:03:42,830
Time-based SQL injection is an inferential SQL injection technique that relies on sending an SQL

44
00:03:42,830 --> 00:03:48,950
query to the database, which forces the database to wait for a specific amount of time in seconds before

45
00:03:48,950 --> 00:03:55,610
responding. The response time will indicate to the attacker whether the result of the query is true or false.

46
00:03:56,210 --> 00:04:01,550
Depending on the result, an HTTP response will be returned with a delay or returned immediately.

47
00:04:02,330 --> 00:04:07,700
This allows an attacker to infer if the payload used returned true or false, even though no data from

48
00:04:07,700 --> 00:04:08,780
the database is returned.

49
00:04:09,500 --> 00:04:13,070
This attack is typically slow, especially for large databases,

50
00:04:13,400 --> 00:04:19,760
since an attacker will need to enumerate a database, like blind-based or Boolean-based, character by character.

51
00:04:21,460 --> 00:04:28,420
And the last is out-of-band SQL injection, which is the third type. Out-of-band SQL injection is

52
00:04:28,420 --> 00:04:32,050
not very common, mostly because it depends on features

53
00:04:32,320 --> 00:04:38,950
being enabled on the database server being used by the web application. Out-of-band SQL injection occurs when

54
00:04:38,950 --> 00:04:45,550
an attacker is unable to use the same channel to launch the attack and get the results. Out-of-band techniques

55
00:04:45,550 --> 00:04:49,210
offer an attacker an alternative to inferential time-based techniques,

56
00:04:50,270 --> 00:04:56,660
especially if the server responses are not very stable, making an inferential time-based attack

57
00:04:56,720 --> 00:05:05,630
unreliable. Out-of-band SQL injections rely on the database server's ability to make DNS or HTTP requests

58
00:05:05,840 --> 00:05:07,420
to deliver data to an attacker.

59
00:05:08,440 --> 00:05:12,340
So in this lecture, we covered three major SQL injections.

60
00:05:13,060 --> 00:05:16,870
Next lecture, we will start the manual SQL injection practical.