-2

The query time is controllable using parameter value [' | case randomblob(1000000000) when not null then "" else "" end | '], which caused the request to take [142] milliseconds, parameter value [' | case randomblob(1000000000) when not null then "" else "" end | '], which caused the request to take [142] milliseconds, when the original unmodified query with value [24] took [66] milliseconds.

So I found a SQL injection vuln on my site and its ' | case randomblob(1000000000) when not null then "" else "" end | '

my site https://sample.com/cdn-cgi/bm/cv/result?req_id=6506bd25b9e42c3e

I don't know how to see the database on sqlmap to see if its vuln is that serious how can I test this SQL injection manually??

Tsombie
  • 1
  • 1
  • This seems to be a re-post of this: https://stackoverflow.com/questions/67501858/how-do-i-use-this-vulnerability-and-try-and-see-how-exaclty-it-works – kingthorin May 17 '21 at 19:01
  • Yeah i got no support at all so i reposted it – Tsombie May 17 '21 at 20:24
  • Not sure that being impatient or acting entitled is going to garner any sympathy from SO, SQLmap, or ZAP communities. You should probably consult a resource like https://owasp.org/wstg or your search engine of choice for info in SQLi exploits and testing. – kingthorin May 17 '21 at 22:20
  • Does this answer your question? [How do i use this vulnerability and try and see how exaclty it works?](https://stackoverflow.com/questions/67501858/how-do-i-use-this-vulnerability-and-try-and-see-how-exaclty-it-works) – Mate Mrše May 18 '21 at 06:59

1 Answers1

0

the link of the portswigger would help to understand the issue. if your server is delayed because of the request, your db server is vulnerable for SQLi.

https://portswigger.net/web-security/sql-injection/blind/lab-time-delays

https://portswigger.net/web-security/sql-injection/blind/lab-time-delays-info-retrieval

syiAtProvence
  • 41
  • 2