Introduction

Hello, friends! How are you all doing? So, this is our 12th article on SQL Injection. In this article, we will cover the PortSwigger Web Security lab on “Blind SQL injection with time delays,” from basic to advanced, in a step-by-step and easy-to-understand manner.

Lab Description

This lab focuses on a Blind SQL Injection vulnerability. The application uses a tracking cookie for analytics, and it performs an SQL query that holds the submitted cookie value. The query does not return any visible results, and you won’t see any changes in the application when your query is executed. Since the query is executed synchronously, it is possible to trigger blind SQL injection by using time delay conditionals.

To solve the lab, you need to introduce a 10-second time delay in the application using a blind SQL payload.

Lab Solution

First, access the lab. After accessing the lab, enable the Burp Suite proxy and refresh the main page of the lab to intercept the request.

Once intercepted, send the request to the Repeater tab. We will perform testing on this tab to check if there is a blind SQL injection vulnerability.

Modify the TrackingId parameter with the time delay payload:

TrackingId=x'||pg_sleep(10)--

Now, insert the time delay payload in the TrackingId parameter. Check the response to see if the application is taking more than 10 seconds to respond.

As you can see, when we inserted the payload, our PortSwigger lab on “Blind SQL injection with time delays” was automatically solved.

You can learn everything related to web security on our website. We upload the latest articles on web security topics on a daily basis, so stay with us.

To continue studying check out the next lab i.e. Blind SQL Injection With Out-Of-Band Interaction, cover the current lab before visiting the next lab. Good Luck!

FAQS