sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Further decreasing number of testing payloads

Browse Source
This commit is contained in:
Miroslav Stampar 2015-07-10 01:19:46 +02:00
parent 48b627f3ff
commit 02470ea683
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lib/controller/checks.py
View File

@ -525,6 +525,17 @@ def checkSqlInjection(place, parameter, value):
infoMsg += "there is at least one other (potential) " infoMsg += "there is at least one other (potential) "
infoMsg += "technique found" infoMsg += "technique found"
singleTimeLogMessage(infoMsg) singleTimeLogMessage(infoMsg)
elif not injection.data:
_ = test.request.columns.split('-')[-1]
if _.isdigit() and int(_) > 10:
if kb.futileUnion is None:
msg = "it is not recommended to perform "
msg += "extended UNION tests if there is not "
msg += "at least one other (potential) "
msg += "technique found. Do you want to skip? [Y/n] "
kb.futileUnion = readInput(msg, default="Y").strip().upper() == 'N'
if kb.futileUnion is False:
continue
# Test for UNION query SQL injection # Test for UNION query SQL injection
reqPayload, vector = unionTest(comment, place, parameter, value, prefix, suffix) reqPayload, vector = unionTest(comment, place, parameter, value, prefix, suffix)

1
lib/core/option.py
View File

@ -1788,6 +1788,7 @@ def _setKnowledgeBaseAttributes(flushAll=True):
kb.followSitemapRecursion = None kb.followSitemapRecursion = None
kb.forcedDbms = None kb.forcedDbms = None
kb.forcePartialUnion = False kb.forcePartialUnion = False
kb.futileUnion = None
kb.headersFp = {} kb.headersFp = {}
kb.heuristicDbms = None kb.heuristicDbms = None
kb.heuristicMode = False kb.heuristicMode = False