Injection Types

The sections below identify the main types of injections that can be found and how to exploit certain scenarios within those injection types.

Error Based

Error based injections are exploited through triggering errors in the database when invalid inputs are passed to it. The error messages can be used to return the full query results, or gain information on how to restructure the query for further exploitation.

Union Based

Union based SQL injection allows an attacker to extract information from the database by extending the results returned by the original query. The Union operator can only be used if the original/new queries have the same structure (number and data type of columns). You can try to enumerate the amount of columns using error based enumeration (see error based injection).

Blind Based

Blind SQL injection is one of the more advanced methods of injection. The Partial-Blind and Full-Blind methods are detailed below. Use care when performing these queries, as they can overload a server if performed through heavy automation.