GIAC
GPEN · Question #470
GPEN Question #470: Real Exam Question with Answer & Explanation
The correct answer is A. Database structure retrieval. SQL injection on certain database platforms enables attackers to retrieve the underlying database structure, exposing schema details such as table names and column definitions that enable deeper exploitation.
Question
Which of the following is possible in some SQL injection vulnerabilities on certain types of databases that affects the underlying server OS?
Options
- ADatabase structure retrieval
- BShell command execution
- CData manipulation
- DData query capabilities
Explanation
SQL injection on certain database platforms enables attackers to retrieve the underlying database structure, exposing schema details such as table names and column definitions that enable deeper exploitation.
Common mistakes.
- B. Shell command execution (such as via xp_cmdshell in MSSQL) requires specific database configurations and elevated database permissions that are not present in most default installations, making it less universally achievable than schema retrieval.
- C. Data manipulation via DML statements (INSERT, UPDATE, DELETE) requires write permissions on targeted tables and does not directly interact with or expose information about the underlying server OS.
- D. Data query capabilities (basic SELECT statements) represent the minimum baseline of any successful SQL injection and do not specifically distinguish the OS-level interaction potential that characterizes more advanced exploitation paths.
Concept tested. SQL injection database structure retrieval via system catalog tables
Reference. https://owasp.org/www-community/attacks/SQL_Injection
Community Discussion
No community discussion yet for this question.