This tweet describes a blind SQL injection WAF bypass technique. According to the tweet, entering the payload ' OR 1337=1337 LIMIT 65535 # in the Username field on the /login path of a website bypasses the WAF. If the WAF blocks the request, adding ?bypass=true to the URL can enable the bypass. It is recommended not to share this technique publicly. #bugbounty #bugbountytips
For more details, check out the original tweet here: https://twitter.com/0xJin/status/1888909353715163267
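A defender-side check for the request pattern described above, as an added example that is not from the tweet or its author: it flags /login requests whose username carries a quoted tautology or a SQL comment tail, or that carry query parameters the endpoint does not expect. The request dictionaries, the `next` allowlist entry and the function names are assumptions made for the illustration.

```python
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Query parameters the login endpoint legitimately accepts (assumed for this example).
EXPECTED_QUERY_PARAMS = {"next"}
# OR/AND followed by a comparison of two literals, e.g. "or 1337=1337".
COMPARISON = re.compile(r"\b(?:or|and)\s+'?(\w+)'?\s*=\s*'?(\w+)'?")
# A quote followed later by a SQL comment marker that cuts off the rest of the query.
QUOTE_THEN_COMMENT = re.compile(r"'.*(?:#|--)")

def normalise(value):
    """Undo up to three layers of URL encoding, drop inline comments, lowercase."""
    for _ in range(3):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    value = re.sub(r"/\*.*?\*/", " ", value)
    return re.sub(r"\s+", " ", value).lower()

def findings(request):
    """Return the reasons a /login request resembles the pattern in the tweet."""
    url = urlsplit(request["url"])
    if url.path.rstrip("/") != "/login":
        return []
    reasons = []
    unexpected = set(parse_qs(url.query, keep_blank_values=True)) - EXPECTED_QUERY_PARAMS
    if unexpected:
        reasons.append("unexpected query parameter: " + ", ".join(sorted(unexpected)))
    username = normalise(request.get("form", {}).get("username", ""))
    if any(m.group(1) == m.group(2) for m in COMPARISON.finditer(username)):
        reasons.append("tautology in username")
    if QUOTE_THEN_COMMENT.search(username):
        reasons.append("quote followed by SQL comment in username")
    return reasons

# Constructed sample requests (not real traffic).
SAMPLES = [
    {"url": "/login?next=/home", "form": {"username": "o'brien"}},
    {"url": "/login?bypass=true", "form": {"username": "' OR 1337=1337 LIMIT 65535 #"}},
    {"url": "/login", "form": {"username": "%27%20OR%201337%3D1337%20LIMIT%2065535%20%23"}},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample["url"], findings(sample))
```

A hit from this check is an alerting signal only; the login query itself should still use bound parameters so that the WAF is not the only control.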