SQL Injection In Dynamically Constructed Images (And Other Sql Related Mischief)

Howdy. Today we'll be going through a SQL injection edge case that automated scanning tools tend to miss: SQL injection in the code that constructs images inside a web application. Some web applications need to create images from input data. Commonly that input governs the dimensions of the output image, dynamic watermarking and branding, or some other aesthetic requirement. Sometimes an application also needs to represent a data set as an image. A common example is a charting library that draws a chart from user-supplied input or from data pulled out of a database, where a request parameter (a date range, a category, an account identifier) ends up in the query that selects the data to plot.

Automated scanning solutions tend to ignore any HTTP response that carries an image MIME type. This is typically due to the size of those responses and the preference HTTP libraries have for parsing text-based data: there is no error string or reflected marker in a PNG body to match on. The injection still executes server-side, though, so the evidence simply moves from the response text into the image itself. When testing such endpoints by hand, compare what the scanner throws away: the Content-Length, the image's width and height, the number of plotted elements, or the response time for a time-based payload, all of which change when the injected condition alters the result set that feeds the renderer.

Read more: http://blog.gdssecurity.com/labs/2014/4/24/sql-injection-in-dynamically-constructed-images-and-other-sq.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+GdsSecurityBlog+%28GDS+Security+Blog%29
