Commit Graph

49 Commits

Author SHA1 Message Date
Miroslav Stampar
af1c9c7fb2 Related to the last commit 2016-10-04 23:48:09 +02:00
Miroslav Stampar
06b54ab134 Better choice of used table (INFORMATION_SCHEMA.CHARACTER_SETS can also be found in MsSQL and PgSQL; mysql.db can have permission problems) 2016-10-04 23:43:00 +02:00
Miroslav Stampar
fee5c7bd7c Adding two new payloads and minor cosmetics 2016-10-04 23:39:18 +02:00
Miroslav Stampar
fb8afc6add Adding a new payload (Oracle boolean based on error response) 2016-10-04 22:12:00 +02:00
Miroslav Stampar
3409953538 Revisiting default level 1 payloads (MySQL stacked queries are as frequent as double rainbows) 2016-09-29 12:59:51 +02:00
Miroslav Stampar
d36b5c0a4b Adding time-based blind (heavy query) payloads for Informix (Issue #552) 2016-09-28 10:30:09 +02:00
Miroslav Stampar
5079c42788 Adding Informix parameter replacement payloads (Issue #552) 2016-09-27 14:39:17 +02:00
Miroslav Stampar
bc7ab01066 Bug fix for generic parameter replacement (CASE) 2016-09-27 14:29:18 +02:00
Miroslav Stampar
c7f615f707 Renaming payload files (consistency with the rest of the project) 2016-07-17 00:21:16 +02:00
Miroslav Stampar
74d0315fef Update related to the last commit 2016-07-03 02:14:23 +02:00
Miroslav Stampar
3a9e36c52b Reintroducing stacked queries removed in 79d08906a4 (good for WAF bypass) 2016-07-03 02:03:30 +02:00
Miroslav Stampar
cc313280af Payload that never ever worked (now fixed) 2016-06-03 13:16:00 +02:00
Miroslav Stampar
f06ff42c58 This never worked. Not sure who incorporated it (WAITFOR DELAY can't go to SELECT/CASE) 2016-06-03 10:42:57 +02:00
Miroslav Stampar
4bc1cf4518 Vastly better patch for MsSQL payloads 2016-06-03 10:29:04 +02:00
Miroslav Stampar
d326965966 Reordering MySQL's error-based payloads (BIGINT and EXP have crazy bigger chunk lenghts) 2016-06-01 14:12:22 +02:00
Miroslav Stampar
f0b8fbb7fd Implemented support for JSON_KEYS error-based SQLi (and tons of fixes for MySQL 'ORDER BY,GROUP BY' payloads) 2016-06-01 13:23:41 +02:00
Miroslav Stampar
acc1277246 Minor update 2016-05-30 14:13:57 +02:00
Miroslav Stampar
b4ebbae354 New payload(s) 2016-05-30 11:25:24 +02:00
Miroslav Stampar
79d08906a4 Cleaning some redundant payload(s) 2016-05-27 23:59:48 +02:00
Miroslav Stampar
b9e5655e3c Proper naming 2016-05-22 14:26:36 +02:00
Miroslav Stampar
439fff684e Minor update (MSSQL CONCAT payload) 2016-05-11 09:42:54 +02:00
Miroslav Stampar
38fcc5a35a Update for pre-WHERE payloads 2016-04-08 13:19:42 +02:00
Miroslav Stampar
ce3749622a Minor revisit of payload boundaries (Issue #1800) 2016-04-08 11:28:17 +02:00
Miroslav Stampar
df8e4b504d Patch for special cases of OR boolean-based blind (covered with last two commits) 2016-01-14 13:51:30 +01:00
Miroslav Stampar
5ff59296ef Space after the generic comments has to be "protected" 2015-10-22 14:47:19 +02:00
Miroslav Stampar
ee22c477db Minor patch for #1363 2015-08-28 10:59:12 +02:00
Miroslav Stampar
61b33f24d4 Implements #1363 2015-08-28 10:52:36 +02:00
Miroslav Stampar
26bec7219d Update for an Issue #1184 2015-03-31 07:33:50 +02:00
Bernardo Damele
9eb7a0a0f2 enhanced time-based payloads - issue #1169 2015-03-19 12:09:43 +00:00
Bernardo Damele
2bdf121915 cleanup 2015-03-04 13:36:09 +00:00
Bernardo Damele A. G.
b2fca35c36 consolidated some time-based blind payloads - issue #1169 2015-03-03 14:22:20 +00:00
Bernardo Damele
37ca0a95f1 consolidated stacked queries payloads - issue #1169 2015-03-03 14:19:36 +00:00
Bernardo Damele
849ca3da3d added a newline 2015-03-03 14:18:53 +00:00
Miroslav Stampar
b74edf9664 Fixes #1175 2015-02-25 10:16:01 +01:00
Bernardo Damele
21c1ae427b swapped generic and MySQL-specific UNION payloads - issue #1169 2015-02-21 12:57:28 +00:00
Bernardo Damele
4bbf168b18 Minor titles fix 2015-02-20 18:35:13 +00:00
Bernardo Damele
ab6cc271d3 Major consistency rework of error-based payloads - issue #1169 2015-02-20 18:34:47 +00:00
Bernardo Damele
9fed41ddc2 Major consistency rework of boolean payloads - issue #1169 2015-02-20 18:34:23 +00:00
Bernardo Damele
2d886011c8 Consistency in enums 2015-02-20 18:33:04 +00:00
Bernardo Damele
1ecb921ba7 Consistency in enums 2015-02-20 18:31:47 +00:00
Bernardo Damele
3b3205c532 Minor stacked queries and time-based payloads cleanup - issue #1169 2015-02-20 15:44:06 +00:00
Bernardo Damele
5b65d2e133 more consistency of boolean blind payloads - issue #1169 2015-02-20 11:34:16 +00:00
Bernardo Damele
f547a776d8 consolidating blind based payloads - issue #1169 2015-02-19 16:42:26 +00:00
Bernardo Damele
4195f770a3 removing one unnecessary character from stacked payloads 2015-02-19 16:41:55 +00:00
Bernardo Damele
6cc092b926 split payloads in different files 2015-02-18 10:13:44 +00:00
Bernardo Damele
560bc7cc28 minor fixes 2015-02-18 09:51:07 +00:00
Bernardo Damele
c51ecf33f3 ported the recent MySQL time-based payload (introduced with 66c2a79397) to other techniques and conditions 2015-02-18 09:45:44 +00:00
Bernardo Damele
84349a370a minor code cleanup 2015-02-15 19:51:07 +00:00
Bernardo Damele
32ab52b8ca code refactoring: split boundaries and payloads XML files 2015-02-15 16:31:35 +00:00