312-50V12 Question #200: Real Exam Question with Answer & Explanation
The correct answer is A: Utilize a blind injection technique that uses time delays or error signatures to extract information.
Question
During an attempt to perform an SQL injection attack, a certified ethical hacker is focusing on the identification of database engine type by generating an ODBC error. The ethical hacker, after injecting various payloads, finds that the web application returns a standard, generic error message that does not reveal any detailed database information. Which of the following techniques would the hacker consider next to obtain useful information about the underlying database?
Options
- A. Utilize a blind injection technique that uses time delays or error signatures to extract information
- B. Try to insert a string value where a number is expected in the input field
- C. Attempt to compromise the system through OS-level command shell execution
- D. Use the UNION operator to combine the result sets of two or more SELECT statements
Explanation
When direct error-based SQL injection fails to reveal database information due to generic error messages, a certified ethical hacker should next employ blind SQL injection techniques.
Common mistakes.
- B. Inserting a string where a number is expected is a common initial technique to trigger database errors; however, the question states this approach already resulted in a generic, uninformative error message.
- C. OS-level command shell execution is an advanced post-exploitation step to gain deeper system access, not an initial reconnaissance technique for identifying database engine type.
- D. UNION-based injection is used to extract data directly by combining query results, but it relies on the application displaying the output, which is unlikely when detailed error messages are already suppressed.
Concept tested. Blind SQL injection reconnaissance