sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-11-04 09:57:38 +03:00
Code Issues Packages Projects Releases Wiki Activity

This never worked. Not sure who incorporated it (WAITFOR DELAY can't go to SELECT/CASE)

Browse Source
This commit is contained in:
Miroslav Stampar 2016-06-03 10:42:57 +02:00
parent 4bc1cf4518
commit f06ff42c58
2 changed files with 1 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/settings.py
View File

@ -19,7 +19,7 @@ from lib.core.enums import OS
from lib.core.revision import getRevisionNumber from lib.core.revision import getRevisionNumber
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.0.6.17" VERSION = "1.0.6.18"
REVISION = getRevisionNumber() REVISION = getRevisionNumber()
STABLE = VERSION.count('.') <= 2 STABLE = VERSION.count('.') <= 2
VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev")

42
xml/payloads/05_time_blind.xml
View File

@ -1418,27 +1418,6 @@
</details> </details>
</test> </test>
<test>
<title>Microsoft SQL Server/Sybase time-based blind - Parameter replace</title>
<stype>5</stype>
<level>3</level>
<risk>1</risk>
<clause>1,3,9</clause>
<where>3</where>
<vector>(SELECT (CASE WHEN ([INFERENCE]) THEN WAITFOR DELAY '0:0:[SLEEPTIME]' ELSE [RANDNUM]*(SELECT [RANDNUM] UNION ALL SELECT [RANDNUM1]) END))</vector>
<request>
<payload>(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN WAITFOR DELAY '0:0:[SLEEPTIME]' ELSE [RANDNUM]*(SELECT [RANDNUM] UNION ALL SELECT [RANDNUM1]) END))</payload>
</request>
<response>
<time>[SLEEPTIME]</time>
</response>
<details>
<dbms>Microsoft SQL Server</dbms>
<dbms>Sybase</dbms>
<os>Windows</os>
</details>
</test>
<test> <test>
<title>Microsoft SQL Server/Sybase time-based blind - Parameter replace (heavy queries)</title> <title>Microsoft SQL Server/Sybase time-based blind - Parameter replace (heavy queries)</title>
<stype>5</stype> <stype>5</stype>
@ -1718,27 +1697,6 @@
</details> </details>
</test> </test>
<test>
<title>Microsoft SQL Server/Sybase time-based blind - ORDER BY clause</title>
<stype>5</stype>
<level>3</level>
<risk>1</risk>
<clause>2,3</clause>
<where>1</where>
<vector>,(SELECT (CASE WHEN ([INFERENCE]) THEN WAITFOR DELAY '0:0:[SLEEPTIME]' ELSE [RANDNUM]*(SELECT [RANDNUM] UNION ALL SELECT [RANDNUM1]) END))</vector>
<request>
<payload>,(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN WAITFOR DELAY '0:0:[SLEEPTIME]' ELSE [RANDNUM]*(SELECT [RANDNUM] UNION ALL SELECT [RANDNUM1]) END))</payload>
</request>
<response>
<time>[SLEEPTIME]</time>
</response>
<details>
<dbms>Microsoft SQL Server</dbms>
<dbms>Sybase</dbms>
<os>Windows</os>
</details>
</test>
<test> <test>
<title>Microsoft SQL Server/Sybase time-based blind - ORDER BY clause (heavy query)</title> <title>Microsoft SQL Server/Sybase time-based blind - ORDER BY clause (heavy query)</title>
<stype>5</stype> <stype>5</stype>