In sqlmap I want to use time-based blind sqli technique. --technique= comes with a default of BEUSTQ which letter should use for time based blind only?
i think u should have a cookie for sql time-based blind .
For example tihs
sqlmap -u 'http://192.168.85.129/vulnerabilities/sqli_blind/?id=&Submit=Submit' --cookie="PHPSESSID=1k37fvfqn08c82ua7qrgvp3su4; security=low" --dump --users --passwords
or this is for --technique=BEUSTQ .
--banner --technique=BEUSTQ --level=1,2,3,4,5
GET and POST parameters are always tested, HTTP Cookie header values are tested from level 2 HTTP User-Agent/Referer headers' value is tested from level 3. --risk=1,2,3,4 The default value is 1 which is innocuous for the majority of SQL injection points. Risk value 2 adds to the default level the tests for heavy query time-based SQL injections and value 3 adds also OR- based SQL injection tests. --second-order=visible_page_url Injection