SQL Injection Isn't Going Anywhere
SQL injections might sound like a thing of the past, but in actuality it is still one of the most widely used methods of attack directed towards web applications around the world. As stated in the Akamai Media Under Assault report a staggering 69.7% of all web application attacks between January 2018 and June 2019 were SQL injections. That is a LOT considering that it was supposedly first discovered by a man by the name of Jeff "Rain Forrest Puppy" Forristal back in 1998. Yes... '98.
Blind SQL Injection
Blind SQL injection is similar to normal SQL injection, except that the HTTP responses will not contain the results of the relevant SQL query and a generic error page is shown instead. Only one bit of information (true/false) can be extracted per request -- but that is all it takes.
Meteor Blind NoSQL Injection
I recently came across a Meteor application, which had a publicly callable method 'users.count' that would return the count of users registered in the app. While this may not be significant from a threat assessment perspective, I decided to give it another look and dig a bit deeper.
Blind Command Injection
Executing a Command Injection attack simply means running a system command on someone’s server through a web application or some other exploitable application running on that server. Executing a Blind Command Injection attack means that you are unable to see the output of the command you've run on the server.