Revisiting default level 1 payloads (MySQL stacked queries are as frequent as double rainbows)

2025-01-23 15:54:24 +03:00 · 2016-09-29 12:59:51 +02:00 · 2016-09-29 12:59:51 +02:00 · 3409953538
commit 3409953538
parent 3b3ab072e6
5 changed files with 17 additions and 17 deletions
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -19,7 +19,7 @@ from lib.core.enums import OS
 from lib.core.revision import getRevisionNumber

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.0.9.52"
+VERSION = "1.0.9.53"
 REVISION = getRevisionNumber()
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@ -45,7 +45,7 @@ e60456db5380840a586654344003d4e6  lib/core/readlineng.py
 5ef56abb8671c2ca6ceecb208258e360  lib/core/replication.py
 99a2b496b9d5b546b335653ca801153f  lib/core/revision.py
 7c15dd2777af4dac2c89cab6df17462e  lib/core/session.py
-ddab16d302a21444b7f12de4630af2df  lib/core/settings.py
+b112acf982657cb2bb7a4dbf00dc7b7a  lib/core/settings.py
 7af83e4f18cab6dff5e67840eb65be80  lib/core/shell.py
 23657cd7d924e3c6d225719865855827  lib/core/subprocessng.py
 c3ace7874a536d801f308cf1fd03df99  lib/core/target.py
@ -451,7 +451,7 @@ a279656ea3fcb85c727249b02f828383  xml/livetests.xml
 4b266898af8b7f380db910511de24ec4  xml/payloads/boolean_blind.xml
 103a4c9b12c582b24a3fac8147a9c8d4  xml/payloads/error_based.xml
 06b1a210b190d52477a9d492443725b5  xml/payloads/inline_query.xml
-96adb9bfbab867d221974d3ddb303cb6  xml/payloads/stacked_queries.xml
-9abc699fadede1e31586c2263ca900a4  xml/payloads/time_blind.xml
-033b39025e8ee0f302935f6db3a39e77  xml/payloads/union_query.xml
+3194e2688a7576e1f877d5b137f7c260  xml/payloads/stacked_queries.xml
+c2d8dd03db5a663e79eabb4495dd0723  xml/payloads/time_blind.xml
+ac649aff0e7db413e4937e446e398736  xml/payloads/union_query.xml
 1587a02322a96ac48973e782d6fedf73  xml/queries.xml
--- a/xml/payloads/stacked_queries.xml
+++ b/xml/payloads/stacked_queries.xml
@ -5,7 +5,7 @@
    <test>
        <title>MySQL &gt; 5.0.11 stacked queries (comment)</title>
        <stype>4</stype>
-        <level>1</level>
+        <level>2</level>
        <risk>1</risk>
        <clause>0</clause>
        <where>1</where>
@ -26,7 +26,7 @@
    <test>
        <title>MySQL &gt; 5.0.11 stacked queries</title>
        <stype>4</stype>
-        <level>2</level>
+        <level>3</level>
        <risk>1</risk>
        <clause>0</clause>
        <where>1</where>
@ -46,7 +46,7 @@
     <test>
        <title>MySQL &gt; 5.0.11 stacked queries (query SLEEP - comment)</title>
        <stype>4</stype>
-        <level>2</level>
+        <level>3</level>
        <risk>1</risk>
        <clause>0</clause>
        <where>1</where>
@ -67,7 +67,7 @@
    <test>
        <title>MySQL &gt; 5.0.11 stacked queries (query SLEEP)</title>
        <stype>4</stype>
-        <level>3</level>
+        <level>4</level>
        <risk>1</risk>
        <clause>0</clause>
        <where>1</where>
@ -87,7 +87,7 @@
    <test>
        <title>MySQL &lt; 5.0.12 stacked queries (heavy query - comment)</title>
        <stype>4</stype>
-        <level>2</level>
+        <level>3</level>
        <risk>2</risk>
        <clause>0</clause>
        <where>1</where>
@ -107,7 +107,7 @@
    <test>
        <title>MySQL &lt; 5.0.12 stacked queries (heavy query)</title>
        <stype>4</stype>
-        <level>4</level>
+        <level>5</level>
        <risk>2</risk>
        <clause>0</clause>
        <where>1</where>
--- a/xml/payloads/time_blind.xml
+++ b/xml/payloads/time_blind.xml
@ -570,7 +570,7 @@
    </test>

    <test>
-        <title>Microsoft SQL Server/Sybase time-based blind</title>
+        <title>Microsoft SQL Server/Sybase time-based blind (IF)</title>
        <stype>5</stype>
        <level>1</level>
        <risk>1</risk>
@ -591,7 +591,7 @@
    </test>

    <test>
-        <title>Microsoft SQL Server/Sybase time-based blind (comment)</title>
+        <title>Microsoft SQL Server/Sybase time-based blind (IF - comment)</title>
        <stype>5</stype>
        <level>4</level>
        <risk>1</risk>
--- a/xml/payloads/union_query.xml
+++ b/xml/payloads/union_query.xml
@ -346,7 +346,7 @@
    <test>
        <title>MySQL UNION query ([CHAR]) - [COLSTART] to [COLSTOP] columns (custom)</title>
        <stype>6</stype>
-        <level>1</level>
+        <level>2</level>
        <risk>1</risk>
        <clause>1,2,3,4,5</clause>
        <where>1</where>
@ -368,7 +368,7 @@
    <test>
        <title>MySQL UNION query (NULL) - [COLSTART] to [COLSTOP] columns (custom)</title>
        <stype>6</stype>
-        <level>1</level>
+        <level>2</level>
        <risk>1</risk>
        <clause>1,2,3,4,5</clause>
        <where>1</where>
@ -412,7 +412,7 @@
    <test>
        <title>MySQL UNION query ([CHAR]) - 1 to 10 columns</title>
        <stype>6</stype>
-        <level>1</level>
+        <level>2</level>
        <risk>1</risk>
        <clause>1,2,3,4,5</clause>
        <where>1</where>
@ -434,7 +434,7 @@
    <test>
        <title>MySQL UNION query (NULL) - 1 to 10 columns</title>
        <stype>6</stype>
-        <level>1</level>
+        <level>2</level>
        <risk>1</risk>
        <clause>1,2,3,4,5</clause>
        <where>1</where>