INFO LAB :→
This lab contains a blind SQL injection vulnerability. The application uses a tracking cookie for analytics, and performs a SQL query containing the value of the submitted cookie.
The results of the SQL query are not returned, and the application does not respond any differently based on whether the query returns any rows or causes an error. However, since the query is executed synchronously, it is possible to trigger conditional time delays to infer information.
GOAL : →
To solve the lab, exploit the SQL injection vulnerability to cause a 10 second delay.
🔍 We need to detect the database type to use specific payloads.
I used sqlmap to detect the database type with the following command:
sqlmap "url_target_lab" --level=5 --risk=3
✅ From the result, I found that the database is PostgreSQL.
📚 We'll refer to the following cheat sheet to test the injectable point:
🔗 SQL Injection Cheat Sheet - PortSwigger
🧪 For PostgreSQL, we will use the time-based payload
pg_sleep(10)