sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-02 20:54:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fixing MySQL/stacked payloads (also removing stacked conditional-error version as it's syntatically incorrect)

Browse Source
This commit is contained in:
Miroslav Stampar 2013-06-05 14:32:06 +02:00
parent 39612b5d87
commit ad07add549
1 changed files with 2 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
xml/payloads.xml
View File

@ -1084,26 +1084,6 @@ Formats:
<!-- Stacked conditional-error blind queries tests -->
<test>
<title>MySQL stacked conditional-error blind queries</title>
<stype>1</stype>
<level>3</level>
<risk>0</risk>
<clause>0</clause>
<where>1</where>
<vector>; IF(([INFERENCE]),SELECT [RANDNUM],DROP FUNCTION [RANDSTR])</vector>
<request>
<payload>; IF(([RANDNUM]=[RANDNUM]),SELECT [RANDNUM],DROP FUNCTION [RANDSTR])</payload>
<comment>#</comment>
</request>
<response>
<comparison>; IF(([RANDNUM]=[RANDNUM1]),SELECT [RANDNUM],DROP FUNCTION [RANDSTR])</comparison>
</response>
<details>
<dbms>MySQL</dbms>
</details>
</test>
<test>
<title>Microsoft SQL Server/Sybase stacked conditional-error blind queries</title>
<stype>1</stype>
@ -2025,7 +2005,7 @@ Formats:
<risk>0</risk>
<clause>0</clause>
<where>1</where>
<vector>; IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM])</vector>
<vector>; SELECT IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM])</vector>
<request>
<payload>; SELECT SLEEP([SLEEPTIME])</payload>
<comment>-- </comment>
@ -2046,7 +2026,7 @@ Formats:
<risk>2</risk>
<clause>0</clause>
<where>1</where>
<vector>; IF(([INFERENCE]),BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]')),[RANDNUM])</vector>
<vector>; SELECT IF(([INFERENCE]),BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]')),[RANDNUM])</vector>
<request>
<payload>; SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))</payload>
<comment>-- </comment>