Sqlmap, using technique

user8377060 picture user8377060 · Aug 2, 2017 · Viewed 11.2k times · Source

In sqlmap I want to use time-based blind sqli technique. --technique= comes with a default of BEUSTQ which letter should use for time based blind only?

Answer

Üneys picture Üneys · Aug 21, 2017

i think u should have a cookie for sql time-based blind .

For example tihs

sqlmap -u 'http://192.168.85.129/vulnerabilities/sqli_blind/?id=&Submit=Submit' --cookie="PHPSESSID=1k37fvfqn08c82ua7qrgvp3su4; security=low" --dump --users --passwords

or this is for --technique=BEUSTQ .

--banner --technique=BEUSTQ --level=1,2,3,4,5 

GET and POST parameters are always tested, HTTP Cookie header values are tested from level 2 HTTP User-Agent/Referer headers' value is tested from level 3. --risk=1,2,3,4 The default value is 1 which is innocuous for the majority of SQL injection points. Risk value 2 adds to the default level the tests for heavy query time-based SQL injections and value 3 adds also OR- based SQL injection tests. --second-order=visible_page_url Injection