Web - Server

Friday 4 December 2015, 12:28  #1
Web - Server - SQL injection - Time based
pon4ik
pon4ik
  • 4 posts

Hi!
For a while I tried a lot of ways to test injection vulnerability in 3 parameters assuming that there is double blind sql injection vulnerability exists and that dbsm can be not only sqlite. Unfortunetly, no vuln parameters wee found, is it task still correct or was it patched? Any hint how to examine vuln ?

Friday 4 December 2015, 12:37  #2
Web - Server - SQL injection - Time based
zM_
zM_
  • 36 posts

Patched ? What the hell are you saying ?  😡 The flaw has obviously NOT been patched.
The title of this challenge is quiet a big hint i assume. Maybe the biggest one you could find actually. You must also have a look at the document linked below the challenge’s validation form. This resource is very helpful and gives you good explanation about time based attacks and, in particular, about SQLi time based attacks.
Have fun

Sunday 15 March 2020, 16:36  #3
Web - Server - SQL injection - Time based
andrea.abram
andrea.abram
  • 1 posts

No space left on device (28)

So php can’t create session :(

New reply New reply   New topic New topic