pierre Posted October 6, 2017 Share Posted October 6, 2017 Hello, I am looking toward blind SQL injection recently :) Indeed, in a login:pwd interface I hit a right mail usermane along with this as a password: test'-SLEEP(5)# Then I land in the account interface !! I don't take it at all.. Blind SQLi isn't suppose to guess the password by triyng each letters like: test'-(SELECT * FROM (SELECT(SLEEP(20)))a)-' test'-(SELECT * FROM (SELECT(SLEEP(20)))b)-' ? Thanks :) Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.