sqlmap/xml/injections.xml

65 lines
3.7 KiB
XML

<?xml version="1.0" encoding="UTF-8"?>
<root>
<case name="custom" desc="custom">
<test>
<positive format="%s%s%s %s %s%d=%d %s" params="value, prefix, &quot;)&quot; * parenthesis, logic, &quot;(&quot; * parenthesis, randInt, randInt, suffix"/>
<negative format="%s%s%s %s %s%d=%d %s" params="value, prefix, &quot;)&quot; * parenthesis, logic, &quot;(&quot; * parenthesis, randInt, randInt + 1, suffix"/>
</test>
<usage>
<prefix format="%s " params="')' * parenthesis"/>
<suffix format=" %s %s" params="logic, '(' * parenthesis"/>
</usage>
</case>
<case name="numeric" desc="unescaped numeric">
<test>
<positive format="%s%s %s %s%d=%d" params="value, &quot;)&quot; * parenthesis, logic, &quot;(&quot; * parenthesis, randInt, randInt"/>
<negative format="%s%s %s %s%d=%d" params="value, &quot;)&quot; * parenthesis, logic, &quot;(&quot; * parenthesis, randInt, randInt + 1"/>
</test>
<usage>
<prefix format="%s " params="')' * parenthesis"/>
<suffix format=" %s %s%d=%d" params="logic, '(' * parenthesis, randInt, randInt"/>
</usage>
</case>
<case name="stringsingle" desc="single quoted string">
<test>
<positive format="%s'%s %s %s'%s'='%s" params="value, &quot;)&quot; * parenthesis, logic, &quot;(&quot; * parenthesis, randStr, randStr"/>
<negative format="%s'%s %s %s'%s'='%s" params="value, &quot;)&quot; * parenthesis, logic, &quot;(&quot; * parenthesis, randStr, randStr + randomStr(1)"/>
</test>
<usage>
<prefix format="'%s " params="')' * parenthesis"/>
<suffix format=" %s %s'%s'='%s" params="logic, '(' * parenthesis, randStr, randStr"/>
</usage>
</case>
<case name="likesingle" desc="LIKE single quoted string">
<test>
<positive format="%s'%s %s %s'%s' LIKE '%s" params="value, &quot;)&quot; * parenthesis, logic, &quot;(&quot; * parenthesis, randStr, randStr"/>
<negative format="%s'%s %s %s'%s' LIKE '%s" params="value, &quot;)&quot; * parenthesis, logic, &quot;(&quot; * parenthesis, randStr, randStr + randomStr(1)"/>
</test>
<usage>
<prefix format="'%s " params="')' * parenthesis"/>
<suffix format=" %s %s'%s' LIKE '%s" params="logic, '(' * parenthesis, randStr, randStr"/>
</usage>
</case>
<case name="stringdouble" desc="double quoted string">
<test>
<positive format="%s&quot;%s %s %s&quot;%s&quot;=&quot;%s" params="value, &quot;)&quot; * parenthesis, logic, &quot;(&quot; * parenthesis, randStr, randStr"/>
<negative format="%s&quot;%s %s %s&quot;%s&quot;=&quot;%s" params="value, &quot;)&quot; * parenthesis, logic, &quot;(&quot; * parenthesis, randStr, randStr + randomStr(1)"/>
</test>
<usage>
<prefix format="&quot;%s " params="')' * parenthesis"/>
<suffix format=" %s %s&quot;%s&quot;=&quot;%s" params="logic, '(' * parenthesis, randStr, randStr"/>
</usage>
</case>
<case name="likedouble" desc="LIKE double quoted string">
<test>
<positive format="%s&quot;%s %s %s&quot;%s&quot; LIKE &quot;%s" params="value, &quot;)&quot; * parenthesis, logic, &quot;(&quot; * parenthesis, randStr, randStr"/>
<negative format="%s&quot;%s %s %s&quot;%s&quot; LIKE &quot;%s" params="value, &quot;)&quot; * parenthesis, logic, &quot;(&quot; * parenthesis, randStr, randStr + randomStr(1)"/>
</test>
<usage>
<prefix format="&quot;%s " params="')' * parenthesis"/>
<suffix format=" %s %s&quot;%s&quot; LIKE &quot;%s" params="logic, '(' * parenthesis, randStr, randStr"/>
</usage>
</case>
</root>