
I am fairly new to SQL injections and tried to solve a little hackit to understand everything better. I wasn't able to solve one of the levels, so I ran sqlmap to see what it would do. The payloads that I got looked a bit like this:

http://some-hackit.com/sqli/level4.php?id=0'+or+ascii(substring((select+smth+from+something+limit+0,1),1,1))=120+and+'1'+'1

I don't really understand what and+'1'+'1 is doing. As soon as I add this part to all of my other injections they suddenly work and I am able to solve the hackit. I tried to search for explanations online, but didn't find anything. I would really appreciate it if someone on here could maybe explain it to me.

Edit: While playing around with the payload I noticed that simply adding +and+'1 has the same effect. All of my injections suddenly work. Furthermore, it doesn't even have to be the number 1. Any number works as long as I put an apostrophe in front. However, I still don't understand what is happening here.

cybel
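An added example, not part of the original post: it shows why a trailing `and '1` changes the outcome when the parameter is pasted between two quotes, next to the parameterized query that removes the problem. The backend query shape, the table and column names, the use of SQLite in place of the level's database, and `1=1` standing in for the payload's comparison are all assumptions.

```python
import sqlite3

def make_db():
    # Constructed stand-in for the level's database (names are hypothetical).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (id TEXT, name TEXT)")
    db.execute("INSERT INTO items VALUES ('1', 'widget')")
    return db

def build_query(user_id):
    # Assumed vulnerable pattern: the application wraps the value in quotes
    # itself, so it always appends one closing quote after the input.
    return "SELECT name FROM items WHERE id = '" + user_id + "'"

def run_concatenated(db, user_id):
    """Return ('ok', rows) or ('error', message) for the concatenated query."""
    try:
        return "ok", db.execute(build_query(user_id)).fetchall()
    except sqlite3.Error as exc:
        return "error", str(exc)

def run_parameterized(db, user_id):
    # The value is bound as data and never parsed as SQL, so quotes inside
    # it cannot open or close a string literal in the statement.
    return db.execute(
        "SELECT name FROM items WHERE id = ?", (user_id,)
    ).fetchall()

if __name__ == "__main__":
    db = make_db()
    for value in ("0' or 1=1", "0' or 1=1 and '1"):
        print(build_query(value))
        # Without the trailing piece, the application's closing quote is left
        # dangling and the statement does not parse. With it, the input's last
        # quote opens a literal that the application's quote closes ('1'),
        # and a non-zero numeric string is true in a boolean context.
        print("  concatenated :", run_concatenated(db, value))
        print("  parameterized:", run_parameterized(db, value))
```
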
