During an attempt to perform an SQL injection attack, a certi ed ethical hacker is focusing on the identification of database engine type by generating an ODBC error. The ethical hacker, after injecting various payloads, finds that the web application returns a standard, generic error message that does not reveal any detailed database information. Which of the following techniques would the hacker consider next to obtain useful information about the underlying database?

Questions › Category: 312-50v12 › During an attempt to perform an SQL injection attack, a certi ed ethical hacker is focusing on the identification of database engine type by generating an ODBC error. The ethical hacker, after injecting various payloads, finds that the web application returns a standard, generic error message that does not reveal any detailed database information. Which of the following techniques would the hacker consider next to obtain useful information about the underlying database?

0 Vote Up Vote Down

Admin Staff asked 1 year ago

During an attempt to perform an SQL injection attack, a certi ed ethical hacker is focusing on the identification of database engine type by generating an ODBC error. The ethical hacker, after injecting various payloads, finds that the web application returns a standard, generic error message that does not reveal any detailed database information. Which of the following techniques would the hacker consider next to obtain useful information about the underlying database?

A. Utilize a blind injection technique that uses time delays or error signatures to extract information

B. Try to insert a string value where a number is expected in the input field

C. Attempt to compromise the system through OS-level command shell execution

D. Use the UNION operator to combine the result sets of two or more SELECT statements A










Correct Answer: A

This question is in 312-50v12 exam
For getting CEH Certificate