ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v12 All Questions

View all questions & answers for the 312-50v12 exam
Go to Exam

Exam 312-50v12 topic 1 question 197 discussion

Actual exam question from ECCouncil's 312-50v12
Question #: 197
Topic #: 1
[All 312-50v12 Questions]

An ethical hacker is hired to evaluate the defenses of an organization's database system which is known to employ a signature-based IDS. The hacker knows that some SQL Injection evasion techniques may allow him to bypass the system's signatures. During the operation, he successfully retrieved a list of usernames from the database without triggering an alarm by employing an advanced evasion technique. Which of the following could he have used?

  • A. Utilizing the char encoding function to convert hexadecimal and decimal values into characters that pass-through SQL engine parsing
  • B. Implementing sophisticated matches such as "OR john' = 'john'" in place of classical matches like "OR 1=1"
  • C. Manipulating white spaces in SQL queries to bypass signature detection
  • D. Using the URL encoding method to replace characters with their ASCII codes in hexadecimal form
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by DarioReymag at Feb. 6, 2024, 10:38 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
e020fdc
1 month, 3 weeks ago
Selected Answer: A
I think A and so does ChatGPT. Here's why: Using functions like CHAR() (in SQL Server) or equivalents like CHR() (in Oracle) to construct strings from character codes (decimal or hexadecimal) is a common and advanced evasion technique. This bypasses literal string detection, since the payload isn't written out in a recognizable form. Here's why the others were a no: B. Implementing "OR john' = 'john'": This is a known evasion but not particularly advanced. IDS systems often already detect variations of logical tautologies. C. Manipulating white spaces: Basic evasion, and many signature-based IDS tools normalize input to detect this. D. Using URL encoding: Another basic and well-known evasion. Modern IDS systems often decode input before analysis.
upvoted 1 times
...
ba1dd4b
4 months, 3 weeks ago
Selected Answer: A
A, B, C and D. All of them. I think some questions have multiple answers. All choices are listed in Module 15, page 2322. A is the second in the list in thais page.
upvoted 1 times
...
LordXander
9 months, 1 week ago
I would definitely say A. B - boolean based SQL, is part of pretty much any decent IDS C - plausible but personally, I saw that usage of custom characters might get it bypassed for a WAF. D - is like A but you need something that can be read by SQL engine
upvoted 1 times
...
DIINESSH
9 months, 1 week ago
Selected Answer: B
ChatGPT says : B. Implementing sophisticated matches such as "OR ‘john’=’john’” allows the hacker to bypass signature-based detection systems that may only be looking for classical SQL injection patterns like "OR 1=1". By using more complex and varied syntax, the hacker can evade detection.
upvoted 1 times
...
qtygbapjpesdayazko
9 months, 2 weeks ago
Selected Answer: A
Utilizing the char encoding function to convert hexadecimal and decimal values into characters
upvoted 1 times
...
przemyslaw1
10 months, 3 weeks ago
Selected Answer: A
A. Utilizing the char encoding...
upvoted 2 times
...
insaniunt
10 months, 3 weeks ago
Selected Answer: A
Char Encoding: an attacker can encode a common injection variable present in the input string to avoid detection in the signature of network security measures. This char() function converts hexadecimal and decimal values into characters that can easily pass through SQL engine parsing. The char() function can be used for SQL injection into MySQL without double quotes - Module 15 Page 2324
upvoted 2 times
...
Nopez
11 months ago
Selected Answer: C
C. Manipulating white spaces in SQL queries to bypass signature detection
upvoted 3 times
Lalo
9 months, 3 weeks ago
Answer AAAAAAAAA Since only a signature-based IDS system is used, the best form of attack would be to use the technique that is least likely to be detected by the IDS signatures. In this case, the most effective method would probably be to use the CHAR encoding function to convert hexadecimal and decimal values into characters that pass the SQL engine's analysis. The main reason is that signature-based IDS systems tend to look for specific known patterns associated with known attacks. If the IDS is not configured to recognize CHAR encoding as an indicator of possible SQL injection, the attack is more likely to go undetected. Additionally, whitespace manipulation in SQL queries might be more easily detected by the IDS if it is configured to look for unusual whitespace patterns in SQL queries. Therefore, in this scenario, using the CHAR encoding feature would be the best option to evade IDS detection and succeed in the attack.
upvoted 2 times
...
...
xbsumz
11 months ago
Im not certain about this ethical hacking concept
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel