html1 = request("https://example.com/search?query=test")
html2 = request("https://example.com/search?query=test' or 1=1--")
if (html1 != html2)
sql_injection_vulnerable = true
Which of course is total nonsense, just because it returns different content doesn't mean anything. ../../apache/logs/error.log
AND%20(SELECT%208203%20FROM%20(SELECT(SLEEP(5)))xGId)
/../..//../..//../..//../winnt/system32/netstat.exe?-a
We "failed" and were not in compliance as you could make a request containing one of those strings--ignoring that neither Apache, SQL, or Windows were in use.
[1] https://shop.panasonic.com/pages/multishape [2] https://www.amazon.com/dp/B0CMGQWM1B