I'm having the same issue, have you fixed it?

this video is coming up soon :)

@@RanaKhalil101 are you planning to make a course on OSCP Or just a intro video??

this would be an awsome series I would even pay for it !

in the previous video she sent pg_sleep(10) after figuring out its portsgre DB so thats how you confirm.

FIRSTLY, I think it will be better if you give the time delay something like 10, it will be easier to observe. SECONDLY, I think (1=1) is the part that is causing the error. instead of 1=1 it will be username = 'administrator' and substring(password, 1, 1) = 'a'. I created my own query you can check it out ' || (SELECT pg_sleep(10) FROM users WHERE username = 'administrator' and substring(password,1,1) = 'a')-- Here, first it checks if the table and the username exists or not. After that, it checks the next part which is the substring part. When it is FALSE, it just loads normally BUT if it is correct, it runs the SELECT part which is pg_sleep(10) and therefore we get the delay. My query is shorter because i didn't bother writing the THEN and ELSE part since I realized that even if I skip it I get the same results. BUT WHY?? It is simply because if any part from the FORM part is FALSE, it doesn't run the SELECT part (AS LEARNT ON THE PREVIOUS LAB) and therefore not triggering the time delay

did you try url encoding and changing the time delay from 3 to 10secs as I guess we may feel some seemingly false positives if the time delay is too little here? Also, was it burp community edition or professional? I have tried your query after url encoding and keeping the delay at 10. It has worked. Hope it helps! From burp intruder: Cookie: TrackingId=GMbdXi2vewPdv45S'||+(SELECT+CASE+WHEN+(1=1)+THEN+pg_sleep(10)+ELSE+pg_sleep(0)+END+FROM+users+WHERE+username%3d'administrator'+AND+SUBSTRING(password,§1§,1)='§1§')--; session=NIzq0HagUUIo0O25LXrs7XNcEItVDmXA

yes, use 1 thread it will give u defined delays