From 076560f59f4e2dc97a0be9a8b17359e4d930bc6d Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Fri, 31 Dec 2010 12:58:27 +0000 Subject: [PATCH] bug fix --- plugins/dbms/mysql/fingerprint.py | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/plugins/dbms/mysql/fingerprint.py b/plugins/dbms/mysql/fingerprint.py index 2e923b4e7..056f6c631 100644 --- a/plugins/dbms/mysql/fingerprint.py +++ b/plugins/dbms/mysql/fingerprint.py @@ -36,10 +36,8 @@ class Fingerprint(GenericFingerprint): infoMsg = "executing MySQL comment injection fingerprint" logger.info(infoMsg) - query = agent.prefixQuery("/* NoValue */") - query = agent.suffixQuery(query) - payload = agent.payload(newValue=query) - result = Request.queryPage(payload) + randInt = randomInt() + result = inject.checkBooleanExpression("%d=%d/* NoValue */" % (randInt, randInt)) if not result: warnMsg = "unable to perform MySQL comment injection"