mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-27 03:53:48 +03:00
65 lines
3.8 KiB
XML
65 lines
3.8 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
<root>
|
|
<case name="custom" desc="custom">
|
|
<test>
|
|
<positive format="%s%s%s %s %s%d=%d %s" params="value, prefix, ")" * parenthesis, logic, "(" * parenthesis, randInt, randInt, postfix"/>
|
|
<negative format="%s%s%s %s %s%d=%d %s" params="value, prefix, ")" * parenthesis, logic, "(" * parenthesis, randInt, randInt + 1, postfix"/>
|
|
</test>
|
|
<usage>
|
|
<prefix format="%s " params="')' * parenthesis"/>
|
|
<postfix format=" %s %s" params="logic, '(' * parenthesis"/>
|
|
</usage>
|
|
</case>
|
|
<case name="numeric" desc="unescaped numeric">
|
|
<test>
|
|
<positive format="%s%s %s %s%d=%d" params="value, ")" * parenthesis, logic, "(" * parenthesis, randInt, randInt"/>
|
|
<negative format="%s%s %s %s%d=%d" params="value, ")" * parenthesis, logic, "(" * parenthesis, randInt, randInt + 1"/>
|
|
</test>
|
|
<usage>
|
|
<prefix format="%s " params="')' * parenthesis"/>
|
|
<postfix format=" %s %s%d=%d" params="logic, '(' * parenthesis, randInt, randInt"/>
|
|
</usage>
|
|
</case>
|
|
<case name="stringsingle" desc="single quoted string">
|
|
<test>
|
|
<positive format="%s'%s %s %s'%s'='%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr"/>
|
|
<negative format="%s'%s %s %s'%s'='%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr + randomStr(1)"/>
|
|
</test>
|
|
<usage>
|
|
<prefix format="'%s " params="')' * parenthesis"/>
|
|
<postfix format=" %s %s'%s'='%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
|
</usage>
|
|
</case>
|
|
<case name="likesingle" desc="LIKE single quoted string">
|
|
<test>
|
|
<positive format="%s'%s %s %s'%s' LIKE '%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr"/>
|
|
<negative format="%s'%s %s %s'%s' LIKE '%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr + randomStr(1)"/>
|
|
</test>
|
|
<usage>
|
|
<prefix format="'%s " params="')' * parenthesis"/>
|
|
<postfix format=" %s %s'%s' LIKE '%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
|
</usage>
|
|
</case>
|
|
<case name="stringdouble" desc="double quoted string">
|
|
<test>
|
|
<positive format="%s"%s %s %s"%s"="%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr"/>
|
|
<negative format="%s"%s %s %s"%s"="%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr + randomStr(1)"/>
|
|
</test>
|
|
<usage>
|
|
<prefix format=""%s " params="')' * parenthesis"/>
|
|
<postfix format=" %s %s"%s"="%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
|
</usage>
|
|
</case>
|
|
<case name="likedouble" desc="LIKE double quoted string">
|
|
<test>
|
|
<positive format="%s"%s %s %s"%s" LIKE "%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr"/>
|
|
<negative format="%s"%s %s %s"%s" LIKE "%s" params="value, ")" * parenthesis, logic, "(" * parenthesis, randStr, randStr + randomStr(1)"/>
|
|
</test>
|
|
<usage>
|
|
<prefix format=""%s " params="')' * parenthesis"/>
|
|
<postfix format=" %s %s"%s" LIKE "%s" params="logic, '(' * parenthesis, randStr, randStr"/>
|
|
</usage>
|
|
</case>
|
|
</root>
|