Help With Sql Injection

[izatt82]

So basically the deal is I want to know if I should be worried.

I am doing something like this .asp?ID=1'

and I get back a blank page so I am assuming my only option is to do blind injection, but what else might this mean?

If it doesn't work then I get a different message saying the session has ended so seems like there might be a hole there. I need schooled on sql injection. I haven't tried seeing if there is a WAF in place or encoding I just tried to do the basics and want to make sure I understand what the blank page means.

Thanks guys

[digip]

Blank page might just mean they have error handling set to blank pages, or there really is no data returned and instead of a 404, they just server a blank page. Search for Joe McCray on YouTUBE. He does a lot of talks on sqli and a great place to start.

[izatt82]

Yeah I have been watching him I finally got a 404 page which was different than the blank page. I am starting to find out that SQL injection is a real PITA when going up against a pretty solid setup.

I used this and others like it and got the 404 page: if (select user) = 'sa' waitfor delay '0:0:10'

but it did not wait for 10 secs so it might be filtering all this stuff. I actually hope I can't get into it that way I know my vendors shit is secure and we aren't getting screwed.

[ghosthunter007]

There is a pretty decent program from W3af and you can always start with 'x' OR 'x' ;# move in to using NMAP sql injection listing with brute force word list. Look at DVWA as well its solid training on SQL-Injection and XXS scripting.

[operat0r_001]

* sqlninja

* Havij 1.15 - Advanced SQL Injection (windows )

* DbVisualizer 7.1.2 best tool ever for windows / sql servers supports mysql oracle db2 sqlite3 and mssql all without installing a bunch of crap ! (85 megs built with thinapp )