
PYTHON - Blind SQL Injection Automation Using Python
In this blog, I will build SQL injection automation using Python
14 October, 2022
Blind SQL Injection results from an insufficient mitigation for SQL Injection. Although suppressing database error messages is considered best practice, the suppression alone is not sufficient to prevent SQL Injection. Blind SQL Injection is a form of SQL Injection that overcomes the lack of error messages. Without the error messages that facilitate SQL Injection, the adversary constructs input strings that probe the target through simple Boolean SQL expressions. The adversary can determine if the syntax and structure of the injection was successful based on whether the query was executed or not. Applied iteratively, the adversary determines how and where the target is vulnerable to SQL Injection.
In the case of a Content-based Blind SQL Injection attack, the attacker makes different SQL queries that ask the database TRUE or FALSE questions. Then they analyze differences in responses between TRUE and FALSE statements.
I will inject an SQL snippet into the form to check the database name, like this:


So how do we solve it, and what if we can't guess the name of the database? :(
We can try brute force using the substring function in MySQL, checking the letters of the database name one by one. For example, we can use a script like this:

But manual brute-forcing takes a very long time, so we can write Python code to brute-force the database.
xixixixixi

Create Python Code
And now I have a Python script for blind SQL injection. We can create a Python script for SQL injection automation and exploit the website like this.
You can use Python 3 to run this code.

How to prevent SQL injection
Most instances of SQL injection can be prevented by using parameterized queries (also known as prepared statements) instead of string concatenation within the query.
The following code is vulnerable to SQL injection because the user input is concatenated directly into the query:
This code can be easily rewritten in a way that prevents the user input from interfering with the query structure:
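The two forms side by side, as an added example that is not code from the original post: it uses Python's `sqlite3` with a constructed in-memory `products` table, and the table, function names and sample inputs are assumptions. It shows that the concatenated query answers TRUE and FALSE conditions differently (the signal content-based blind SQL injection depends on), while the parameterized query treats the same input as plain data.

```python
import sqlite3


def make_db():
    # Constructed sample data standing in for the application's database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, category TEXT, name TEXT)")
    db.executemany(
        "INSERT INTO products (category, name) VALUES (?, ?)",
        [("Gifts", "Mug"), ("Gifts", "Card"), ("Tools", "Hammer")],
    )
    return db


def find_vulnerable(db, category):
    # User input is concatenated into the SQL text, so it can change the query structure.
    query = "SELECT name FROM products WHERE category = '" + category + "' ORDER BY id"
    return [row[0] for row in db.execute(query)]


def find_parameterized(db, category):
    # The placeholder binds the input as a value; it is never parsed as SQL.
    query = "SELECT name FROM products WHERE category = ? ORDER BY id"
    return [row[0] for row in db.execute(query, (category,))]


def responses_differ(find, db):
    # Constructed inputs: the same value with a TRUE and a FALSE condition appended.
    # A difference in the result is the signal content-based blind SQLi relies on.
    true_case = find(db, "Gifts' AND '1'='1")
    false_case = find(db, "Gifts' AND '1'='2")
    return true_case != false_case


if __name__ == "__main__":
    db = make_db()
    print("vulnerable leaks TRUE/FALSE:", responses_differ(find_vulnerable, db))
    print("parameterized leaks TRUE/FALSE:", responses_differ(find_parameterized, db))
```
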