Help with BlindSQL Payload

This topic contains 1 reply, has 2 voices, and was last updated by MateForever 1 month, 1 week ago.

  • #459932

    I hope my post does not get flagged as I am just trying to understand the payload.

    I have a question on a Time SQL payload I came across while working.

    AND 2947=LIKE('ABCDEFG',UPPER (HEX(RANDOMBLOB(800000000/2))))—-

    I need help understanding what the payload is doing. Hope someone can explain.

  • #459934


    Seems to be just a complex calculation to see if there is a vulnerability; if the request needs longer than usual, the database calculated your statement.

  • #459935


    That’s a 400MB random blob, I can see a few use cases:

    * blind time based attack, just do something that is expected to take long time
    * fingerprint the database, isn’t randomblob specific to sqlite?
    * resource exhaustion: CPU, RAM or maybe even storage
    * entropy exhaustion: low entropy can either result in denial of service or in bad random numbers (affecting cryptography performed on the same system). But randomblob is pseudo-random, I’m not sure how much system entropy it consumes.
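The following is an added example, not part of any post in this thread. It uses Python's built-in `sqlite3` module to show what the expression computes (`RANDOMBLOB(n/2)` yields n/2 random bytes, and `HEX` turns them into n characters) and how a defender can make the function unavailable and keep input out of the SQL text. The `items` table, the helper names and the scaled-down size of 2000 are assumptions made for the example.

```python
import sqlite3

# Action code passed to authorizer callbacks for SQL function calls (31 in SQLite).
SQLITE_FUNCTION = getattr(sqlite3, "SQLITE_FUNCTION", 31)

# Constructed, scaled-down copy of the expression from the thread (2000 instead of 800000000).
SCALED = "1 AND 2947=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(2000/2))))"

def make_db():
    """In-memory database with constructed sample rows."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT)")
    con.executemany("INSERT INTO items VALUES (?, ?)", [(1, "apple"), (2, "pear")])
    return con

def hex_length(con, n):
    """Size of the string the expression builds: n/2 random bytes become n hex characters."""
    row = con.execute("SELECT LENGTH(UPPER(HEX(RANDOMBLOB(?/2))))", (n,)).fetchone()
    return row[0]

def deny_randomblob(action, arg1, arg2, dbname, source):
    """Authorizer: refuse to compile any statement that calls RANDOMBLOB."""
    if action == SQLITE_FUNCTION and (arg2 or "").lower() == "randomblob":
        return sqlite3.SQLITE_DENY
    return sqlite3.SQLITE_OK

def lookup_concat(con, item_id):
    # Vulnerable pattern: the input becomes part of the SQL text.
    return con.execute("SELECT name FROM items WHERE id = " + str(item_id)).fetchall()

def lookup_param(con, item_id):
    # Hardened pattern: the input is bound as a value and is never parsed as SQL.
    return con.execute("SELECT name FROM items WHERE id = ?", (item_id,)).fetchall()

def is_blocked(con, item_id):
    """True when the authorizer rejects the statement built by lookup_concat."""
    try:
        lookup_concat(con, item_id)
    except sqlite3.DatabaseError:
        return True
    return False

if __name__ == "__main__":
    con = make_db()
    print("hex length for 2000:", hex_length(con, 2000))
    con.set_authorizer(deny_randomblob)
    print("concatenated query blocked:", is_blocked(con, SCALED))
    print("parameterized query result:", lookup_param(con, SCALED))
```

A rejected statement surfaces as `sqlite3.DatabaseError`, which is also a useful signal to log.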
