Burp Suite User Forum

Lab: Blind SQL injection with conditional responses

Tanvir | Last updated: Apr 08, 2020 05:52AM UTC

Tried all the solutions I had in mind; in the end even the given solution is not working, please look. union select 'a' from users where username='administrator' AND length(password)<1 is also returning true, which should be false. And these did not work either: and (select if((length((select password from users where username='administrator')))>1,1,0))

Ben, PortSwigger Agent | Last updated: Apr 08, 2020 08:40AM UTC

Hi, I have just tried this lab and was able to solve it using the solution provided. Are you including the TrackingId=x' portion of the payload when you attempt this lab?

Armaan | Last updated: Jan 01, 2021 08:58PM UTC

Yes, you can just pass through TrackingId=x'+OR+1=1-- and likewise...

Manish | Last updated: Mar 07, 2021 06:13PM UTC

I am not able to intercept the Blind SQL injection with conditional responses website through Burp Suite. Please help me with how to intercept Blind SQL injection with conditional responses.

Ben, PortSwigger Agent | Last updated: Mar 08, 2021 08:22AM UTC

Hi Manish. To clarify, do you have Burp configured so that traffic from your browser will be proxied through Burp? Is it just this lab you are having difficulties with, or are you not able to proxy traffic through Burp for any website?
