sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-26 11:33:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

added first bunch of test cases for Firebird, issue #312

Browse Source
This commit is contained in:
Bernardo Damele 2013-01-18 23:17:43 +00:00
parent d1acdee9c4
commit edeb181c4f
1 changed files with 213 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

213
xml/livetests.xml
View File

@ -888,6 +888,219 @@
<item value="r'Database: SQLite_masterdb.+Table: users.+5 entries.+luther.+nameisnull.+'"/> <item value="r'Database: SQLite_masterdb.+Table: users.+5 entries.+luther.+nameisnull.+'"/>
</parse> </parse>
</case> </case>
<case name="Firebird boolean-based multi-threaded enumeration - all entries">
<switches>
<url value="http://debiandev/sqlmap/firebird/get_int.php?id=1"/>
<threads value="4"/>
<tech value="B"/>
<extensiveFp value="True"/>
<getBanner value="True"/>
<getCurrentUser value="True"/>
<getCurrentDb value="True"/>
<getHostname value="True"/>
<isDba value="True"/>
<getUsers value="True"/>
<getPasswordHashes value="True"/>
<getPrivileges value="True"/>
<getRoles value="True"/>
<getDbs value="True"/>
<getTables value="True"/>
<getColumns value="True"/>
<getCount value="True"/>
<dumpTable value="True"/>
<tbl value="users"/>
<excludeSysDbs value="True"/>
</switches>
<parse>
<item value="Title: AND boolean-based blind - WHERE or HAVING clause"/>
<item value="r'back-end DBMS: active fingerprint: Firebird 2.1 (dialect 3)'"/>
<item value="banner: '2.5.0'"/>
<item value="current user: 'SYSDBA'"/>
<item value="current database: '/'"/>
<item value="hostname: None"/>
<item value="current user is DBA: True"/>
<item value="r'database management system users \[.+PUBLIC.+SYSDBA'"/>
<item value="r'database management system users privileges:.+PUBLIC.+privilege: SELECT.+SYSDBA.+privilege: DELETE.+privilege: UPDATE'"/>
<item value="r'database management system users roles:.+PUBLIC.+role: SELECT.+SYSDBA.+role: DELETE.+role: UPDATE'"/>
<item value="r'Database: Firebird_masterdb.+1 table.+USERS'"/>
<item value="r'Database: Firebird_masterdb.+Table: USERS.+3 columns.+SURNAME.+VARCHAR'"/>
<item value="r'Database: Firebird_masterdb.+Table.+Entries.+USERS.+5'"/>
<item value="r'Database: Firebird_masterdb.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
</parse>
</case>
<!-- TODO: this test case fails because of issue #358 -->
<case name="Firebird error-based multi-threaded enumeration - all entries">
<switches>
<url value="http://debiandev/sqlmap/firebird/get_int.php?id=1"/>
<threads value="4"/>
<tech value="E"/>
<extensiveFp value="True"/>
<getBanner value="True"/>
<getCurrentUser value="True"/>
<getCurrentDb value="True"/>
<getHostname value="True"/>
<isDba value="True"/>
<getUsers value="True"/>
<getPasswordHashes value="True"/>
<getPrivileges value="True"/>
<getRoles value="True"/>
<getDbs value="True"/>
<getTables value="True"/>
<getColumns value="True"/>
<getCount value="True"/>
<dumpTable value="True"/>
<tbl value="users"/>
</switches>
<parse>
<item value="Title: AND boolean-based blind - WHERE or HAVING clause"/>
<item value="r'back-end DBMS: active fingerprint: Firebird 2.1 (dialect 3)'"/>
<item value="banner: '2.5.0'"/>
<item value="current user: 'SYSDBA'"/>
<item value="current database: '/'"/>
<item value="hostname: None"/>
<item value="current user is DBA: True"/>
<item value="r'database management system users \[.+PUBLIC.+SYSDBA'"/>
<item value="r'database management system users privileges:.+PUBLIC.+privilege: SELECT.+SYSDBA.+privilege: DELETE.+privilege: UPDATE'"/>
<item value="r'database management system users roles:.+PUBLIC.+role: SELECT.+SYSDBA.+role: DELETE.+role: UPDATE'"/>
<item value="r'Database: Firebird_masterdb.+1 table.+USERS'"/>
<item value="r'Database: Firebird_masterdb.+Table: USERS.+3 columns.+SURNAME.+VARCHAR'"/>
<item value="r'Database: Firebird_masterdb.+Table.+Entries.+USERS.+5'"/>
<item value="r'Database: Firebird_masterdb.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
</parse>
</case>
<case name="Firebird UNION query multi-threaded enumeration - all entries">
<switches>
<url value="http://debiandev/sqlmap/firebird/get_int.php?id=1"/>
<threads value="4"/>
<tech value="U"/>
<extensiveFp value="True"/>
<getBanner value="True"/>
<getCurrentUser value="True"/>
<getCurrentDb value="True"/>
<getHostname value="True"/>
<isDba value="True"/>
<getUsers value="True"/>
<getPasswordHashes value="True"/>
<getPrivileges value="True"/>
<getRoles value="True"/>
<getDbs value="True"/>
<getTables value="True"/>
<getColumns value="True"/>
<getCount value="True"/>
<dumpTable value="True"/>
<tbl value="users"/>
</switches>
<parse>
<item value="Title: Generic UNION query (NULL) - 3 columns"/>
<item value="r'back-end DBMS: active fingerprint: Firebird 2.1 (dialect 3)'"/>
<item value="banner: '2.5.0'"/>
<item value="current user: 'SYSDBA'"/>
<item value="current database: '/'"/>
<item value="hostname: None"/>
<item value="current user is DBA: True"/>
<item value="r'database management system users \[.+PUBLIC.+SYSDBA'"/>
<item value="r'database management system users privileges:.+PUBLIC.+privilege: SELECT.+SYSDBA.+privilege: DELETE.+privilege: UPDATE'"/>
<item value="r'database management system users roles:.+PUBLIC.+role: SELECT.+SYSDBA.+role: DELETE.+role: UPDATE'"/>
<item value="r'Database: Firebird_masterdb.+1 table.+USERS'"/>
<item value="r'Database: Firebird_masterdb.+Table: USERS.+3 columns.+SURNAME.+VARCHAR'"/>
<item value="r'Database: Firebird_masterdb.+Table.+Entries.+USERS.+5'"/>
<item value="r'Database: Firebird_masterdb.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
</parse>
</case>
<case name="Firebird partial UNION query multi-threaded enumeration - all entries">
<switches>
<url value="http://debiandev/sqlmap/firebird/get_int_partialunion.php?id=1"/>
<threads value="4"/>
<tech value="U"/>
<extensiveFp value="True"/>
<getBanner value="True"/>
<getCurrentUser value="True"/>
<getCurrentDb value="True"/>
<getHostname value="True"/>
<isDba value="True"/>
<getUsers value="True"/>
<getPasswordHashes value="True"/>
<getPrivileges value="True"/>
<getRoles value="True"/>
<getDbs value="True"/>
<getTables value="True"/>
<getColumns value="True"/>
<getCount value="True"/>
<dumpTable value="True"/>
<tbl value="users"/>
</switches>
<parse>
<item value="Title: Generic UNION query (NULL) - 3 columns"/>
<item value="r'back-end DBMS: active fingerprint: Firebird 2.1 (dialect 3)'"/>
<item value="banner: '2.5.0'"/>
<item value="current user: 'SYSDBA'"/>
<item value="current database: '/'"/>
<item value="hostname: None"/>
<item value="current user is DBA: True"/>
<item value="r'database management system users \[.+PUBLIC.+SYSDBA'"/>
<item value="r'database management system users privileges:.+PUBLIC.+privilege: SELECT.+SYSDBA.+privilege: DELETE.+privilege: UPDATE'"/>
<item value="r'database management system users roles:.+PUBLIC.+role: SELECT.+SYSDBA.+role: DELETE.+role: UPDATE'"/>
<item value="r'Database: Firebird_masterdb.+1 table.+USERS'"/>
<item value="r'Database: Firebird_masterdb.+Table: USERS.+3 columns.+SURNAME.+VARCHAR'"/>
<item value="r'Database: Firebird_masterdb.+Table.+Entries.+USERS.+5'"/>
<item value="r'Database: Firebird_masterdb.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
</parse>
</case>
<case name="Firebird time-based single-threaded enumeration - all entries">
<switches>
<url value="http://debiandev/sqlmap/firebird/get_int_nooutput.php?id=1"/>
<tech value="T"/>
<level value="4"/>
<risk value="2"/>
<timeSec value="2"/>
<getBanner value="True"/>
<isDba value="True"/>
</switches>
<parse>
<item value="Title: Firebird AND time-based blind \(heavy query\)"/>
<item value="banner: '2.5.0'"/>
<item value="current user is DBA: True"/>
</parse>
</case>
<case name="Firebird inline queries multi-threaded enumeration - all entries">
<switches>
<url value="http://debiandev/sqlmap/firebird/get_int_inline.php?id=1"/>
<threads value="4"/>
<tech value="Q"/>
<extensiveFp value="True"/>
<getBanner value="True"/>
<getCurrentUser value="True"/>
<getCurrentDb value="True"/>
<getHostname value="True"/>
<isDba value="True"/>
<getUsers value="True"/>
<getPasswordHashes value="True"/>
<getPrivileges value="True"/>
<getRoles value="True"/>
<getDbs value="True"/>
<getTables value="True"/>
<getColumns value="True"/>
<getCount value="True"/>
<dumpTable value="True"/>
<tbl value="users"/>
</switches>
<parse>
<item value="Title: Firebird inline queries"/>
<item value="r'back-end DBMS: active fingerprint: Firebird 2.1 (dialect 3)'"/>
<item value="banner: '2.5.0'"/>
<item value="current user: 'SYSDBA'"/>
<item value="current database: '/'"/>
<item value="hostname: None"/>
<item value="current user is DBA: True"/>
<item value="r'database management system users \[.+PUBLIC.+SYSDBA'"/>
<item value="r'database management system users privileges:.+PUBLIC.+privilege: SELECT.+SYSDBA.+privilege: DELETE.+privilege: UPDATE'"/>
<item value="r'database management system users roles:.+PUBLIC.+role: SELECT.+SYSDBA.+role: DELETE.+role: UPDATE'"/>
<item value="r'Database: Firebird_masterdb.+1 table.+USERS'"/>
<item value="r'Database: Firebird_masterdb.+Table: USERS.+3 columns.+SURNAME.+VARCHAR'"/>
<item value="r'Database: Firebird_masterdb.+Table.+Entries.+USERS.+5'"/>
<item value="r'Database: Firebird_masterdb.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
</parse>
</case>
<!-- End of common enumeration switches across all techniques --> <!-- End of common enumeration switches across all techniques -->
<!-- Custom enumeration switches --> <!-- Custom enumeration switches -->