nerdexam
EC-Council

312-50V10 · Question #838

Daniel Is a professional hacker who Is attempting to perform an SQL injection attack on a target Injection attempts based on predefined signatures. To evade any comparison statement, he attempted plac

The correct answer is A. Null byte. Daniel inserts special characters such as quotes around numeric literals to alter the byte sequence of SQL injection strings and bypass predefined IDS signatures.

SQL Injection

Question

Daniel Is a professional hacker who Is attempting to perform an SQL injection attack on a target Injection attempts based on predefined signatures. To evade any comparison statement, he attempted placing characters such as `'or '1'='1" In any bask injection statement such as "or 1=1." Identify the evasion technique used by Daniel in the above scenario.

Options

  • ANull byte
  • BIP fragmentation
  • CChar encoding
  • DVariation

How the community answered

(33 responses)
  • A
    79% (26)
  • B
    12% (4)
  • C
    6% (2)
  • D
    3% (1)

Why each option

Daniel inserts special characters such as quotes around numeric literals to alter the byte sequence of SQL injection strings and bypass predefined IDS signatures.

ANull byteCorrect

The null byte evasion technique involves inserting special characters - including quote characters - into SQL injection payloads to create a byte-level discrepancy between what the IDS signature engine sees and what the backend database actually executes. Replacing a basic statement like 'or 1=1' with 'or '1'='1'' changes the raw character sequence enough to avoid matching predefined IDS signatures while still evaluating as a true condition in the SQL engine. This exploits the gap between signature-based pattern matching and database query parsing.

BIP fragmentation

IP fragmentation is a network-layer evasion technique that splits IP packets into fragments to bypass IDS reassembly inspection, and is unrelated to SQL injection payload crafting.

CChar encoding

Char encoding involves replacing SQL characters with their URL-encoded, hex, or Unicode equivalents (e.g., %27 for a single quote) to bypass input validation, which is distinct from substituting quoted string literals.

DVariation

Variation involves altering keyword casing or structure (e.g., 'SeLeCt' instead of 'SELECT') to evade keyword-based IDS rules, not substituting comparison syntax with quoted string equivalents.

Concept tested: SQL injection IDS evasion via null byte technique

Source: https://owasp.org/www-community/attacks/SQL_Injection_Bypassing_WAF

Topics

#SQL injection evasion#null byte#signature bypass#IDS evasion

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice