|
49 | 49 | <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/> |
50 | 50 | <item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/> |
51 | 51 | <item value="r'database management system users roles:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+role: SUPER'"/> |
52 | | - <item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/> |
| 52 | + <item value="r'available databases \[.+information_schema.+mysql.+testdb'"/> |
53 | 53 | <item value="r'Database: testdb.+3 tables.+users'"/> |
54 | 54 | <item value="r'Database: testdb.+Table: users.+3 columns.+surname.+varchar\(1000\)'"/> |
55 | 55 | <item value="r'Database: testdb.+Table.+Entries.+users.+5'"/> |
|
93 | 93 | <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/> |
94 | 94 | <item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/> |
95 | 95 | <item value="r'database management system users roles:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+role: SUPER'"/> |
96 | | - <item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/> |
| 96 | + <item value="r'available databases \[.+information_schema.+mysql.+testdb'"/> |
97 | 97 | <item value="r'Database: testdb.+3 tables.+users'"/> |
98 | 98 | <item value="r'Database: testdb.+Table: users.+3 columns.+surname.+varchar\(1000\)'"/> |
99 | 99 | <item value="r'Database: testdb.+Table.+Entries.+users.+5'"/> |
|
137 | 137 | <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/> |
138 | 138 | <item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/> |
139 | 139 | <item value="r'database management system users roles:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+role: SUPER'"/> |
140 | | - <item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/> |
| 140 | + <item value="r'available databases \[.+information_schema.+mysql.+testdb'"/> |
141 | 141 | <item value="r'Database: testdb.+3 tables.+users'"/> |
142 | 142 | <item value="r'Database: testdb.+Table: users.+3 columns.+surname.+varchar\(1000\)'"/> |
143 | 143 | <item value="r'Database: testdb.+Table.+Entries.+users.+5'"/> |
|
181 | 181 | <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/> |
182 | 182 | <item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/> |
183 | 183 | <item value="r'database management system users roles:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+role: SUPER'"/> |
184 | | - <item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/> |
| 184 | + <item value="r'available databases \[.+information_schema.+mysql.+testdb'"/> |
185 | 185 | <item value="r'Database: testdb.+3 tables.+users'"/> |
186 | 186 | <item value="r'Database: testdb.+Table: users.+3 columns.+surname.+varchar\(1000\)'"/> |
187 | 187 | <item value="r'Database: testdb.+Table.+Entries.+users.+5'"/> |
|
239 | 239 | <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/> |
240 | 240 | <item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/> |
241 | 241 | <item value="r'database management system users roles:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+role: SUPER'"/> |
242 | | - <item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/> |
| 242 | + <item value="r'available databases \[.+information_schema.+mysql.+testdb'"/> |
243 | 243 | <item value="r'Database: testdb.+3 tables.+users'"/> |
244 | 244 | <item value="r'Database: testdb.+Table: users.+3 columns.+surname.+varchar\(1000\)'"/> |
245 | 245 | <item value="r'Database: testdb.+Table.+Entries.+users.+5'"/> |
|
474 | 474 | <item value="r'Database: public.+Table: users.+5 entries.+luther.+nameisnull.+'"/> |
475 | 475 | </parse> |
476 | 476 | </case> |
| 477 | + <case name="Oracle boolean-based multi-threaded enumeration - all entries"> |
| 478 | + <switches> |
| 479 | + <url value="http://debiandev/sqlmap/oracle/get_int.php?id=1"/> |
| 480 | + <threads value="4"/> |
| 481 | + <tech value="B"/> |
| 482 | + <extensiveFp value="True"/> |
| 483 | + <getBanner value="True"/> |
| 484 | + <getCurrentUser value="True"/> |
| 485 | + <getCurrentDb value="True"/> |
| 486 | + <getHostname value="True"/> |
| 487 | + <isDba value="True"/> |
| 488 | + <getUsers value="True"/> |
| 489 | + <getPasswordHashes value="True"/> |
| 490 | + <getPrivileges value="True"/> |
| 491 | + <getRoles value="True"/> |
| 492 | + <getDbs value="True"/> |
| 493 | + <getTables value="True"/> |
| 494 | + <getColumns value="True"/> |
| 495 | + <getCount value="True"/> |
| 496 | + <dumpTable value="True"/> |
| 497 | + <db value="scott"/> |
| 498 | + <tbl value="users"/> |
| 499 | + <excludeSysDbs value="True"/> |
| 500 | + </switches> |
| 501 | + <parse> |
| 502 | + <item value="Title: AND boolean-based blind - WHERE or HAVING clause"/> |
| 503 | + <item value="r'back-end DBMS: active fingerprint: Oracle 10g'"/> |
| 504 | + <item value="banner: 'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'"/> |
| 505 | + <item value="current user: 'SYS'"/> |
| 506 | + <item value="current schema (equivalent to database on Oracle): 'SYS'"/> |
| 507 | + <item value="hostname: 'debian"/> |
| 508 | + <item value="current user is DBA: True"/> |
| 509 | + <item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/> |
| 510 | + <item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: 71E687F036AD56E5.+clear-text password: CHANGE_ON_INSTALL.+SYS \[.+password hash: 2D5A0C491B634F1B.+clear-text password: TESTPASS'"/> |
| 511 | + <item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ADMINISTER ANY SQL TUNING SET'"/> |
| 512 | + <item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+JAVA_DEPLOY'"/> |
| 513 | + <item value="r'available databases \[.+CTXSYS.+SCOTT.+WMSYS'"/> |
| 514 | + <item value="r'Database: SCOTT.+ tables.+USERS'"/> |
| 515 | + <item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/> |
| 516 | + <item value="r'Database: SCOTT.+Table.+Entries.+USERS.+5'"/> |
| 517 | + <item value="r'Database: SCOTT.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/> |
| 518 | + </parse> |
| 519 | + </case> |
| 520 | + <case name="Oracle error-based multi-threaded enumeration - all entries"> |
| 521 | + <switches> |
| 522 | + <url value="http://debiandev/sqlmap/oracle/get_int.php?id=1"/> |
| 523 | + <threads value="4"/> |
| 524 | + <tech value="E"/> |
| 525 | + <extensiveFp value="True"/> |
| 526 | + <getBanner value="True"/> |
| 527 | + <getCurrentUser value="True"/> |
| 528 | + <getCurrentDb value="True"/> |
| 529 | + <getHostname value="True"/> |
| 530 | + <isDba value="True"/> |
| 531 | + <getUsers value="True"/> |
| 532 | + <getPasswordHashes value="True"/> |
| 533 | + <getPrivileges value="True"/> |
| 534 | + <getRoles value="True"/> |
| 535 | + <getDbs value="True"/> |
| 536 | + <getTables value="True"/> |
| 537 | + <getColumns value="True"/> |
| 538 | + <getCount value="True"/> |
| 539 | + <dumpTable value="True"/> |
| 540 | + <db value="scott"/> |
| 541 | + <tbl value="users"/> |
| 542 | + <excludeSysDbs value="True"/> |
| 543 | + <answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/> |
| 544 | + </switches> |
| 545 | + <parse> |
| 546 | + <item value="Title: Oracle AND error-based - WHERE or HAVING clause (XMLType)"/> |
| 547 | + <item value="r'back-end DBMS: active fingerprint: Oracle 10g'"/> |
| 548 | + <item value="banner: 'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'"/> |
| 549 | + <item value="current user: 'SYS'"/> |
| 550 | + <item value="current schema (equivalent to database on Oracle): 'SYS'"/> |
| 551 | + <item value="hostname: 'debian"/> |
| 552 | + <item value="current user is DBA: True"/> |
| 553 | + <item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/> |
| 554 | + <item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: 71E687F036AD56E5.+SYS \[.+password hash: 2D5A0C491B634F1B'"/> |
| 555 | + <item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ADMINISTER ANY SQL TUNING SET'"/> |
| 556 | + <item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+JAVA_DEPLOY'"/> |
| 557 | + <item value="r'available databases \[.+CTXSYS.+SCOTT.+WMSYS'"/> |
| 558 | + <item value="r'Database: SCOTT.+ tables.+USERS'"/> |
| 559 | + <item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/> |
| 560 | + <item value="r'Database: SCOTT.+Table.+Entries.+USERS.+5'"/> |
| 561 | + <item value="r'Database: SCOTT.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/> |
| 562 | + </parse> |
| 563 | + </case> |
| 564 | + <case name="Oracle UNION query multi-threaded enumeration - all entries"> |
| 565 | + <switches> |
| 566 | + <url value="http://debiandev/sqlmap/oracle/get_int.php?id=1"/> |
| 567 | + <threads value="4"/> |
| 568 | + <tech value="U"/> |
| 569 | + <extensiveFp value="True"/> |
| 570 | + <getBanner value="True"/> |
| 571 | + <getCurrentUser value="True"/> |
| 572 | + <getCurrentDb value="True"/> |
| 573 | + <getHostname value="True"/> |
| 574 | + <isDba value="True"/> |
| 575 | + <getUsers value="True"/> |
| 576 | + <getPasswordHashes value="True"/> |
| 577 | + <getPrivileges value="True"/> |
| 578 | + <getRoles value="True"/> |
| 579 | + <getDbs value="True"/> |
| 580 | + <getTables value="True"/> |
| 581 | + <getColumns value="True"/> |
| 582 | + <getCount value="True"/> |
| 583 | + <dumpTable value="True"/> |
| 584 | + <db value="scott"/> |
| 585 | + <tbl value="users"/> |
| 586 | + <excludeSysDbs value="True"/> |
| 587 | + <answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/> |
| 588 | + </switches> |
| 589 | + <parse> |
| 590 | + <item value="Title: Generic UNION query (NULL) - 3 columns"/> |
| 591 | + <item value="r'back-end DBMS: active fingerprint: Oracle 10g'"/> |
| 592 | + <item value="banner: 'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'"/> |
| 593 | + <item value="current user: 'SYS'"/> |
| 594 | + <item value="current schema (equivalent to database on Oracle): 'SYS'"/> |
| 595 | + <item value="hostname: 'debian"/> |
| 596 | + <item value="current user is DBA: True"/> |
| 597 | + <item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/> |
| 598 | + <item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: 71E687F036AD56E5.+SYS \[.+password hash: 2D5A0C491B634F1B'"/> |
| 599 | + <item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ADMINISTER ANY SQL TUNING SET'"/> |
| 600 | + <item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+JAVA_DEPLOY'"/> |
| 601 | + <item value="r'available databases \[.+CTXSYS.+SCOTT.+WMSYS'"/> |
| 602 | + <item value="r'Database: SCOTT.+ tables.+USERS'"/> |
| 603 | + <item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/> |
| 604 | + <item value="r'Database: SCOTT.+Table.+Entries.+USERS.+5'"/> |
| 605 | + <item value="r'Database: SCOTT.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/> |
| 606 | + </parse> |
| 607 | + </case> |
| 608 | + <case name="Oracle partial UNION query multi-threaded enumeration - all entries"> |
| 609 | + <switches> |
| 610 | + <url value="http://debiandev/sqlmap/oracle/get_int_partialunion.php?id=1"/> |
| 611 | + <threads value="4"/> |
| 612 | + <tech value="U"/> |
| 613 | + <extensiveFp value="True"/> |
| 614 | + <getBanner value="True"/> |
| 615 | + <getCurrentUser value="True"/> |
| 616 | + <getCurrentDb value="True"/> |
| 617 | + <getHostname value="True"/> |
| 618 | + <isDba value="True"/> |
| 619 | + <getUsers value="True"/> |
| 620 | + <getPasswordHashes value="True"/> |
| 621 | + <getPrivileges value="True"/> |
| 622 | + <getRoles value="True"/> |
| 623 | + <getDbs value="True"/> |
| 624 | + <getTables value="True"/> |
| 625 | + <getColumns value="True"/> |
| 626 | + <getCount value="True"/> |
| 627 | + <dumpTable value="True"/> |
| 628 | + <db value="scott"/> |
| 629 | + <tbl value="users"/> |
| 630 | + <excludeSysDbs value="True"/> |
| 631 | + <answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/> |
| 632 | + </switches> |
| 633 | + <parse> |
| 634 | + <item value="Title: Generic UNION query (NULL) - 3 columns"/> |
| 635 | + <item value="r'back-end DBMS: active fingerprint: Oracle 10g'"/> |
| 636 | + <item value="banner: 'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'"/> |
| 637 | + <item value="current user: 'SYS'"/> |
| 638 | + <item value="current schema (equivalent to database on Oracle): 'SYS'"/> |
| 639 | + <item value="hostname: 'debian"/> |
| 640 | + <item value="current user is DBA: True"/> |
| 641 | + <item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/> |
| 642 | + <item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: 71E687F036AD56E5.+SYS \[.+password hash: 2D5A0C491B634F1B'"/> |
| 643 | + <item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ADMINISTER ANY SQL TUNING SET'"/> |
| 644 | + <item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+JAVA_DEPLOY'"/> |
| 645 | + <item value="r'available databases \[.+CTXSYS.+SCOTT.+WMSYS'"/> |
| 646 | + <item value="r'Database: SCOTT.+ tables.+USERS'"/> |
| 647 | + <item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/> |
| 648 | + <item value="r'Database: SCOTT.+Table.+Entries.+USERS.+5'"/> |
| 649 | + <item value="r'Database: SCOTT.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/> |
| 650 | + </parse> |
| 651 | + </case> |
| 652 | + <case name="Oracle time-based single-threaded enumeration - all entries"> |
| 653 | + <switches> |
| 654 | + <url value="http://debiandev/sqlmap/oracle/get_int_nooutput.php?id=1"/> |
| 655 | + <tech value="T"/> |
| 656 | + <timeSec value="2"/> |
| 657 | + <getBanner value="True"/> |
| 658 | + <isDba value="True"/> |
| 659 | + </switches> |
| 660 | + <parse> |
| 661 | + <item value="Title: Oracle AND time-based blind"/> |
| 662 | + <item value="banner: 'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'"/> |
| 663 | + <item value="current user is DBA: True"/> |
| 664 | + </parse> |
| 665 | + </case> |
| 666 | + <case name="Oracle inline queries multi-threaded enumeration - all entries"> |
| 667 | + <switches> |
| 668 | + <url value="http://debiandev/sqlmap/oracle/get_int_inline.php?id=1"/> |
| 669 | + <threads value="4"/> |
| 670 | + <tech value="Q"/> |
| 671 | + <extensiveFp value="True"/> |
| 672 | + <getBanner value="True"/> |
| 673 | + <getCurrentUser value="True"/> |
| 674 | + <getCurrentDb value="True"/> |
| 675 | + <getHostname value="True"/> |
| 676 | + <isDba value="True"/> |
| 677 | + <getUsers value="True"/> |
| 678 | + <getPasswordHashes value="True"/> |
| 679 | + <getPrivileges value="True"/> |
| 680 | + <getRoles value="True"/> |
| 681 | + <getDbs value="True"/> |
| 682 | + <getTables value="True"/> |
| 683 | + <getColumns value="True"/> |
| 684 | + <getCount value="True"/> |
| 685 | + <dumpTable value="True"/> |
| 686 | + <db value="scott"/> |
| 687 | + <tbl value="users"/> |
| 688 | + <excludeSysDbs value="True"/> |
| 689 | + <answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/> |
| 690 | + </switches> |
| 691 | + <parse> |
| 692 | + <item value="Title: Oracle inline queries"/> |
| 693 | + <item value="r'back-end DBMS: active fingerprint: Oracle 10g'"/> |
| 694 | + <item value="banner: 'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'"/> |
| 695 | + <item value="current user: 'SYS'"/> |
| 696 | + <item value="current schema (equivalent to database on Oracle): 'SYS'"/> |
| 697 | + <item value="hostname: 'debian"/> |
| 698 | + <item value="current user is DBA: True"/> |
| 699 | + <item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/> |
| 700 | + <item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: 71E687F036AD56E5.+SYS \[.+password hash: 2D5A0C491B634F1B'"/> |
| 701 | + <item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ADMINISTER ANY SQL TUNING SET'"/> |
| 702 | + <item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+JAVA_DEPLOY'"/> |
| 703 | + <item value="r'available databases \[.+CTXSYS.+SCOTT.+WMSYS'"/> |
| 704 | + <item value="r'Database: SCOTT.+ tables.+USERS'"/> |
| 705 | + <item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/> |
| 706 | + <item value="r'Database: SCOTT.+Table.+Entries.+USERS.+5'"/> |
| 707 | + <item value="r'Database: SCOTT.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/> |
| 708 | + </parse> |
| 709 | + </case> |
477 | 710 | <case name="SQLite boolean-based multi-threaded enumeration - all entries"> |
478 | 711 | <switches> |
479 | 712 | <url value="http://debiandev/sqlmap/sqlite/get_int.php?id=1"/> |
|
0 commit comments