fixed SQLi test

Author: arjun-akto

Broken-User-Authentication/UnionColumnBasedSQLiGET.yml

@@ -197,6 +197,51 @@ execute:
                 - <html>
                 - </html>
               neq: "${x1.response.body}"
+        - success: x3
+        - failure: exit
+    - req:
+        - modify_query_param:
+            userKey: ${userVal}${unionBasedNegativePayloads}
+        - validate:
+            response_code:
+              gte: 200
+              lt: 300
+            response_payload:
+              length:
+                gt: 0
+              not_contains:
+                - Error
+                - Internal Server
+                - Fail
+                - Unauthorized
+                - access denied
+                - Forbidden
+                - Method Not allowed
+                - Gateway timeout
+                - request timeout
+                - server error
+                - server busy
+                - authentication error
+                - authorization error
+                - validation error
+                - Permission Denied
+                - invalid
+                - token expired
+                - session expired
+                - session timeout
+                - unexpected error
+                - unable to process request
+                - bad request
+                - service unavailable
+                - account is locked
+                - account is blocked
+                - multiple failed attempts
+                - Attention Required!
+                - CloudFlare
+                - Sorry, you have been blocked
+                - " UNION SELECT "
+                - <html>
+                - </html>
+              eq: "${x2.response.body}"
         - success: vulnerable
-
-
+        - failure: exit