I am studying about cyber defense lately for fun and found about a proposed method that as I understand it performs automated SQL injection using brute force by training a model. At some point it says that if it receives input:
“SELECT * FRO” it will find that the next letter is “M” and then if it receives HTTP Status 200 is good and if HTTP Status 500 is bad and will train the algorithm accordingly.
Since the query “SELECT * FROM” is not complete how it will receive HTTP Status 200?
and also how this attack in general can be mitigated?
You can find the source here:
As an approach appears very interesting and would like to read an explanation from specialists.