sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-29 13:03:50 +03:00
Code Issues Packages Projects Releases Wiki Activity

fixed test case and added new one, commented out metasploit integration case as it cannot be handled easily

Browse Source
This commit is contained in:
Bernardo Damele 2012-12-20 11:05:11 +00:00
parent c2c4601d6e
commit 190e317992
1 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
xml/livetests.xml
View File

@ -726,7 +726,7 @@
<item value="command standard output: 'uid="/> <item value="command standard output: 'uid="/>
</parse> </parse>
</case> </case>
<!-- TODO: integration with Metasploit cannot be called yet from live testing --> <!-- TODO: integration with Metasploit cannot be called yet from live testing
<case name="MySQL shell via Metasploit integration - command execution"> <case name="MySQL shell via Metasploit integration - command execution">
<switches> <switches>
<url value="http://debiandev/sqlmap/mysql/get_int.php?id=1"/> <url value="http://debiandev/sqlmap/mysql/get_int.php?id=1"/>
@ -739,6 +739,7 @@
<item value="r'Sending stage.+Command shell session.+Linux.+uid='"/> <item value="r'Sending stage.+Command shell session.+Linux.+uid='"/>
</parse> </parse>
</case> </case>
-->
<!-- End of operating system access switches --> <!-- End of operating system access switches -->
<!-- Technique switches and corner cases --> <!-- Technique switches and corner cases -->
@ -751,7 +752,7 @@
<timeSec value="2"/> <timeSec value="2"/>
</switches> </switches>
<parse> <parse>
<item value="Title: AND/OR time-based blind"/> <item value="Type: AND/OR time-based blind"/>
<item value="Title: MySQL &lt; 5.0.12 AND time-based blind (heavy query)"/> <item value="Title: MySQL &lt; 5.0.12 AND time-based blind (heavy query)"/>
</parse> </parse>
</case> </case>
@ -794,6 +795,7 @@
<case name="MySQL against highly dynamic page"> <case name="MySQL against highly dynamic page">
<switches> <switches>
<url value="http://debiandev/sqlmap/mysql/get_int_rand.php?id=1"/> <url value="http://debiandev/sqlmap/mysql/get_int_rand.php?id=1"/>
<timeSec value="2"/>
</switches> </switches>
<parse> <parse>
<item value="Title: AND boolean-based blind - WHERE or HAVING clause"/> <item value="Title: AND boolean-based blind - WHERE or HAVING clause"/>
@ -805,14 +807,25 @@
<case name="MySQL against a page that returns a 302 redirect page when SQL statement return no output"> <case name="MySQL against a page that returns a 302 redirect page when SQL statement return no output">
<switches> <switches>
<url value="http://debiandev/sqlmap/mysql/get_int_redirected.php?id=1"/> <url value="http://debiandev/sqlmap/mysql/get_int_redirected.php?id=1"/>
<timeSec value="2"/>
</switches> </switches>
<parse> <parse>
<item value="Title: AND boolean-based blind - WHERE or HAVING clause"/> <item value="Title: AND boolean-based blind - WHERE or HAVING clause"/>
<item value="Title: MySQL &gt;= 5.0 AND error-based - WHERE or HAVING clause"/>
<item value="Title: MySQL UNION query (NULL) - 3 columns"/> <item value="Title: MySQL UNION query (NULL) - 3 columns"/>
<item value="Title: MySQL &gt; 5.0.11 AND time-based blind"/> <item value="Title: MySQL &gt; 5.0.11 AND time-based blind"/>
</parse> </parse>
</case> </case>
<case name="MySQL against a page that returns an image">
<switches>
<url value="http://debiandev/sqlmap/mysql/get_int_img.php?id=1"/>
<tech value="BT"/>
<timeSec value="2"/>
</switches>
<parse>
<item value="Title: AND boolean-based blind - WHERE or HAVING clause"/>
<item value="Title: MySQL &gt; 5.0.11 AND time-based blind"/>
</parse>
</case>
<case name="MySQL against a page that returns a 302 redirect page when SQL statement returns output"> <case name="MySQL against a page that returns a 302 redirect page when SQL statement returns output">
<switches> <switches>
<url value="http://debiandev/sqlmap/mysql/get_int_redirected_true.php?id=1"/> <url value="http://debiandev/sqlmap/mysql/get_int_redirected_true.php?id=1"/>