Academy & Industry Research Collaboration Center (AIRCC)

Volume 10, Number 19, December 2020

Blind SQL Injection Attacks Optimization


Ruben Ventura, Independent Security Researcher, Mexico


This paper presents new and evolved methods to perform Blind SQL Injection attacks. These are much faster than the current publicly available tools and techniques due to optimization and redesign ideas that hack databases in more efficient methods, using cleverer injection payloads; this is the result of years of private research. Implementing these methods within carefully crafted code has resulted in the development of the fastest tools in the world to extract information from a database through Blind SQL Injection vulnerabilities. These tools are around 1600% faster than the currently most popular tools. The nature of such attack vectors will be explained in this paper, including all of their intrinsic details.


Web Application Security, Blind SQL Injection, Attack Optimization, New Exploitation Methods.