sqli blind

Blind SQL injection occurs when the application does not display error messages, making it challenging to directly extract data. In such cases, a technique called "blind" exploitation is used, where an attacker sends crafted queries to the application and observes its behavior to infer information about the underlying database.

To successfully log in once again, we need the overall query to evaluate to true. This can be achieved by injecting an OR condition through the password field so that the WHERE clause always returns true. Let us try `something' or '1'='1` as the password.

The additional OR condition makes the whole query true: the WHERE clause now matches every row in the table, and the user in the first row is logged in. Since both injected conditions evaluate to true regardless of the original values, we do not even have to provide a test username and password; we can start the injection directly with the `'` character and log in with just `' or '1'='1` in both fields.

This works because the query evaluates to true irrespective of the username or password supplied.
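The following is an added example (not from the original page) that reproduces the behaviour described above against an in-memory SQLite database with a constructed two-column `users` table: the concatenating `login_vulnerable` lets the `' or '1'='1` payload rewrite the WHERE clause and returns the first row, while `login_safe` binds the same input as a parameter so the quotes stay data and the login fails.

```python
import sqlite3

# Constructed sample data (assumption: a users table with username/password columns).
USERS = [("admin", "s3cretAdminPw"), ("alice", "wonderland")]


def make_db():
    """Build the in-memory database used by both login variants."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", USERS)
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """String-concatenates user input into the query, so a quote in the input
    closes the string literal and the rest of the input becomes SQL syntax.
    Because AND binds tighter than OR, 'x' AND 'y' OR '1'='1' is true for
    every row, and the first row in the table is returned."""
    query = (
        "SELECT username FROM users WHERE username = '"
        + username
        + "' AND password = '"
        + password
        + "'"
    )
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_safe(conn, username, password):
    """Bound parameters: the driver sends the input as a value, never as SQL,
    so the same payload is simply compared as a literal string and matches nothing."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    conn = make_db()
    payload = "' or '1'='1"
    print(login_vulnerable(conn, "test", "something' or '1'='1"))  # admin
    print(login_vulnerable(conn, payload, payload))  # admin
    print(login_safe(conn, payload, payload))  # None
```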
