How to test this vulnerability?
Question
The query time is controllable using parameter value [' | case randomblob(1000000000) when not null then "" else "" end | '], which caused the request to take [142] milliseconds, parameter value [' | case randomblob(1000000000) when not null then "" else "" end | '], which caused the request to take [142] milliseconds, when the original unmodified query with value [24] took [66] milliseconds.
So I found a SQL injection vuln on my site and its ' | case randomblob(1000000000) when not null then "" else "" end | '
my sitehttps://sample.com/cdn-cgi/bm/cv/result?req_id=6506bd25b9e42c3e
I don't know how to see the database on sqlmap to see if its vuln is that serious how can I test this SQL injection manually??
1 answers
solution1
0 2021-06-11 08:03:52
the link of the portswigger would help to understand the issue. if your server is delayed because of the request, your db server is vulnerable for SQLi.
https://portswigger.net/web-security/sql-injection/blind/lab-time-delays
https://portswigger.net/web-security/sql-injection/blind/lab-time-delays-info-retrieval
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.