
Exfiltrating a DB via Blind SQLi Using Python

Yesterday, during my bug-hunting journey, I discovered a cool blind SQL injection. To determine if the condition was fulfilled, I had to monitor the request content length.

I could have vibehacked it using sqlmap, but since I was studying for OSWE, I coded this simple Python PoC to exfiltrate the database version.

[Screenshot: blind SQLi script PoC]

And the output:

[Screenshot: blind SQLi script output]
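From the defender's side, a length-based boolean oracle like the one described above leaves a recognisable shape in access logs: one client sends many distinct queries to a single path and only ever gets two response sizes back. The following is an added example, not the author's PoC; the log lines, addresses, path and thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Combined/common log format: ip, identity, user, [time], "METHOD target PROTO", status, size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+)'
)

def find_length_oracles(lines, min_queries=20, min_share=0.05):
    """Return {(ip, path): stats} for clients whose many distinct queries to one
    path yield exactly two response sizes (the true/false pages of the oracle)."""
    groups = defaultdict(lambda: {"queries": set(), "sizes": defaultdict(int)})
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["status"] != "200":
            continue  # unparsable line, or not a normal page render
        url = urlsplit(m["target"])
        g = groups[(m["ip"], url.path)]
        g["queries"].add(url.query)
        g["sizes"][int(m["size"])] += 1
    hits = {}
    for key, g in groups.items():
        total = sum(g["sizes"].values())
        two_sizes = len(g["sizes"]) == 2
        # Both sizes must recur, so one odd response does not create a "pair".
        if (two_sizes and len(g["queries"]) >= min_queries
                and min(g["sizes"].values()) >= min_share * total):
            hits[key] = {"requests": total, "sizes": dict(g["sizes"])}
    return hits

def sample_log():
    """Constructed sample: one probing client and one ordinary visitor."""
    ts = "[10/Mar/2025:12:00:00 +0000]"
    # Query strings are opaque placeholders; the detector never inspects payloads.
    probing = [f'203.0.113.7 - - {ts} "GET /item?id=probe{i} HTTP/1.1" 200 '
               f'{5123 if i % 3 else 4876}' for i in range(40)]
    # Ordinary browsing: distinct items render to many different sizes.
    visitor = [f'198.51.100.20 - - {ts} "GET /item?id={i} HTTP/1.1" 200 {4000 + 37 * i}'
               for i in range(40)]
    return probing + visitor

if __name__ == "__main__":
    for (ip, path), stats in find_length_oracles(sample_log()).items():
        print(ip, path, stats)
```

Tune `min_queries` and `min_share` against real traffic before alerting on this, since endpoints that legitimately return one of two fixed pages (for example found / not found) will also match.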


