Automate a timebase blind sql injection with curl.

Automate a timebase blind sql injection with curl.

This type of SQL injection relies on the database pausing for a specified amount of time, then returning the results, indicating successful SQL query executing. Using this method, an attacker enumerates each letter of the desired piece of data using the following logic:
+ If the first letter of the first database’s name is an ‘A’, wait for 10 seconds.
+ If the first letter of the first database’s name is an ‘B’, wait for 10 seconds. etc.

Curl blind sql injection

Curl blind sql injection

Usage:

Script:

Source : https://github.com/nvanheuverzwijn