
Blind SQL Injection, or passing the elephant through the needle hole

This SANS Diary entry from Bojan Zdrnja is a very good explanation of how an apparently non-exploitable SQL injection condition can be used to get important information from the database. Just by looking at one of the sample injected SQL statements, you can see how complex a SQL injection attack can be:

event = tr' || (select case when substr(banner, 1, 1) = 'A' then 'u' else 'X' end
from (select banner from v$version where banner like '%Oracle%')) || 'e

Read the full story here.
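Why the statement above leaks anything, and why a bind parameter stops it, shown as an added example (not code from this post or from the diary entry). Assumptions: SQLite stands in for Oracle, the tables events and version_info are constructed (version_info replaces v$version), and 'true' is taken to be a valid event value.

```python
import sqlite3

# The post's payload; v$version is replaced by a constructed stand-in table
# (version_info) because SQLite has no such view.
PAYLOAD = ("tr' || (select case when substr(banner, 1, 1) = 'A' then 'u' else 'X' end "
           "from (select banner from version_info where banner like '%Oracle%')) || 'e")

def make_db(banner):
    """Constructed schema: one event row and one banner row."""
    conn = sqlite3.connect(":memory:")
    conn.execute("create table events (id integer, event text)")
    conn.execute("create table version_info (banner text)")
    conn.execute("insert into events values (1, 'true')")
    conn.execute("insert into version_info values (?)", (banner,))
    return conn

def run(conn, sql, params=()):
    """Run a query; return (row count, names of tables the statement read)."""
    tables = set()
    def audit(action, arg1, arg2, dbname, source):
        # SQLite calls the authorizer while compiling the statement.
        if action == sqlite3.SQLITE_READ:
            tables.add(arg1)
        return sqlite3.SQLITE_OK
    conn.set_authorizer(audit)
    rows = conn.execute(sql, params).fetchall()
    return len(rows), tables

def lookup_concatenated(conn, event):
    # Vulnerable: the value is spliced into the SQL text, so its quotes close
    # the literal and the subquery becomes part of the statement.
    return run(conn, "select id from events where event = '" + event + "'")

def lookup_bound(conn, event):
    # Hardened: the value travels as a bind parameter and is only ever data.
    return run(conn, "select id from events where event = ?", (event,))

if __name__ == "__main__":
    for banner in ("Oracle Database (constructed)", "A constructed Oracle banner"):
        db = make_db(banner)
        print(banner, "| concatenated:", lookup_concatenated(db, PAYLOAD),
              "| bound:", lookup_bound(db, PAYLOAD))
```

With concatenation the row count changes with the banner's first character ('tr' || 'u' || 'e' is 'true', 'trXe' matches nothing), which is the one-bit answer the page would expose; with the bound parameter the count is always zero and version_info is never read.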
