Certified Ethical Hacker (CEH v13) — Question 196
An ethical hacker is hired to evaluate the defenses of an organization's database system which is known to employ a signature-based IDS. The hacker knows that some SQL Injection evasion techniques may allow him to bypass the system's signatures. During the operation, he successfully retrieved a list of usernames from the database without triggering an alarm by employing an advanced evasion technique. Which of the following could he have used?
Answer options
- A. Utilizing the char encoding function to convert hexadecimal and decimal values into characters that pass through SQL engine parsing
- B. Implementing sophisticated matches such as "OR 'john' = 'john'" in place of classical matches like "OR 1=1"
- C. Manipulating white spaces in SQL queries to bypass signature detection
- D. Using the URL encoding method to replace characters with their ASCII codes in hexadecimal form
Correct answer: A
Explanation
The correct answer is A because the char encoding function masks the payload from signature detection: the values are supplied as hexadecimal or decimal codes, and the SQL engine converts them back into characters when it parses the query, so the strings a signature matches on do not appear literally in the request. Options B and C involve techniques that may still trigger alerts from a signature-based IDS. Option D, while it can be effective, is less sophisticated than the advanced character encoding method described in A.