[Dailydave] Auggie

antisnatchor antisnatchor at gmail.com
Thu Jul 4 05:47:37 EDT 2013


Well actually I disagree with that article.

There have been multiple occasions of people hacking stuff with SQLmap, for example, without even using a random UA, and many of those cases were time or boolean blind SQLi.

Also the statement "it's hard to use", I'm not sure I agree with that either. It's hard to use if you retrieve bit-by-bit manually, but who does that?

Cheers
antisnatchor

> ------------------------------------------------------------------------
>
> 	Michal Zalewski <mailto:lcamtuf at coredump.cx>
> July 3, 2013 5:59 PM
>
>
>
> The entire series is, ahem, interesting, for reasons that I will leave
> open to readers' interpretation:
>
> http://blog.whitehatsec.com/interview-with-a-blackhat-part-1/
>
> /mz
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunityinc.com
> https://lists.immunityinc.com/mailman/listinfo/dailydave
> ------------------------------------------------------------------------
>
> 	Dave Aitel <mailto:dave at immunityinc.com>
> July 3, 2013 4:07 PM
>
>
> So I've now watched all of the Covert Affairs seasons, and I have to
> say, the writers got better as it went on and the show got a grittier,
> more disillusioned feel. More like Homeland, and less like Archer.
>
> But it's fantasy, of course. One of the characters (Auggie) is a blind
> operative and he occasionally gets sent out on missions where he runs
> about in strange cities and fights people and does other various spy
> things that are fairly hard to do when you're blind. They make it seem
> as plausible as, for example, the 5 foot, 100 pound Piper Perabo
> beating up various thugs (one per episode at least - she's quite
> violent).
>
> Auggie is blind (Note how in this obviously fantasy CIA picture there
> is no tweed, nor khakis!)
>
> In this blog, RSnake and some random blackhat go into a few things:
> http://blog.whitehatsec.com/blind-sql-injection-what-is-it-good-for/
>
> One thing they point out is that one of the random BlackHats that
> they're friends with does not really use Blind SQLi to penetrate
> machines, and he doesn't know anyone who does. "Because it's
> annoying".  Tru dat.
>
> """
> Internally at WhiteHat we've had the long-standing belief that blind
> SQL injection is rarely if ever actually used in attacks. We hear a
> lot about blind SQL injection at conferences, in papers and while
> talking with researchers, but we just don't hear about it being used.
> Sure, there may be one piece of anecdotal evidence somewhere, but as a
> general class of attack it doesn't seem to be a favorite of attackers.
> The reason being? It's hard to use.
> """
>
> I love that paragraph for so many reasons. Regardless, Immunity's
> consulting arm uses only Blind SQLi for our penetration tests, both
> for finding vulnerabilities, and for exploiting them. 
>
> -dave
> [1] Miguel's talk:
> https://lists.immunityinc.com/pipermail/dailydave/2013-January/000299.html
>