Testing for SQL injection vulnerabilities with Burp Suite - PortSwigger
The keyword string you provided is a . It is not a legitimate search term but a diagnostic tool used by security researchers and attackers to identify if a database (specifically PostgreSQL ) is vulnerable to unauthorized commands. 1. Payload Breakdown
: Attempts to break out of a text string in the original SQL query.
The payload is designed to force the database to "pause" for a set amount of time if a condition is true, allowing an observer to confirm a vulnerability. :
: Adds a logical condition that must be evaluated.
