1. 1
    Using Server Errors to Leak Password Hashes: Blind Error Based SQL Injection databases security k3170makan.blogspot.com
    kyle avatar via kyle 5 years ago | cached | 1 comment

  1.  

  2. 1
    graehl avatar graehl 5 years ago | link

    He describes a way of getting information when you can repeatedly run arbitrary SQL, but can only get a single bit (error or no) in response. Solution: don’t let users run arbitrary SQL.