We covered time based SQL injection using the sleep function. Time time based SQL injection relies in the response the web application takes to deduce whether there is an injection vulnerability or not. We used a lab scenario from OverTheWire Natas Level 17 that implements a web application which validates whether a user exists or not.. This was part of OverTheWire War Games Natas Level 17

Get OSCP Certificate Notes

Natas Level 17 Password


Video Walkthrough


About the Author

Cybersecurity Trainer MS in Cybersecurity Expertise in Healthcare and Finance Industries Penetration tester and compliance auditor

View Articles