Hello,

I'm creating a penetration testing tool to scan for a variety of SQL injection vulnerabilities. A simple starting example I'm failing to get working is the following:
http://xxx/update_comment.php?id=test';select case when (select substring(table_name, 1, 1) from information_schema.tables limit 1) = 'b' then 1 else sleep(3) end#

This is the relevant line of my test script which is causing problems:
PHP
$conn->query('UPDATE test_table SET id = id WHERE id = \'' . $_GET['id'] . '\'');

When I execute the command which would be executed by the script, in Adminer, it works. But when the script tries it, it returns immediately and as such, no timings can be gathered from the test. What could be causing this immediate return?

What I have tried:

Changing the sleep time
Asking google, to no avail
Comments
[no name] 13-Oct-18 19:52pm    
I finally figured out it was because you have to use the multiquery method to have multiple queries. My solution was to use one query but have an 'or' statement to append the rest of the injected code rather than have a separate query.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)
