Sam is auditing a web application for SQL injection vulnerabilities. During the testing, Sam discovered that the web application is vulnerable to SQL injection. He starts fuzzing the search field in the web application with UNION based SQL queries, however, he realized that the underlying WAF is blocking the requests. To avoid this, Sam is trying the following query: UNION/**/SELECT/**/'/**/OR/**/1/**/=/**/1 Which of the following evasion techniques is Sam using?
A) Sam is using char encoding to bypass WAF
B) Sam is using obfuscated code to bypass WAF
C) Sam is using inline comments to bypass WAF
D) Sam is manipulating white spaces to bypass WAF
Correct Answer:
Verified
Q251: During the reconnaissance phase of a penetration
Q252: Analyze the packet capture from Wireshark below
Q253: ABC Technologies, a large financial company, hired
Q254: Dale is a network admin working in
Q255: Nick is a penetration tester in Stanbiz
Q257: James is a security consultant at Big
Q258: Which of the following SQLMAP commands will
Q259: You are enumerating a target system. Which
Q260: William, a penetration tester in a pen
Q261: Smith, a pen tester, has been hired
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents