17Şub
Sqlmap Sleepy User-Agent
I was testing Burp Suite Crawl on some old php sites I made and it found Sleepy User-Agent SQL injection vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 '+(select*from(select(sleep(20)))a)+'
And I am wondering how this can be applicable in sqlmap, I found that sqlmap can be used in Boolean-based and Time-dependent SQL injection (https://stackoverflow.com/questions/33708851/combination-of-boolean-based-and-time-dependent-sql-injection-in-sqlmap) but I can not figure it out how to use it in this User-Agent vulnerability
