This commit is contained in:
Miroslav Stampar 2010-12-31 12:58:27 +00:00
parent 5db8ebbfa9
commit 076560f59f

View File

@ -36,10 +36,8 @@ class Fingerprint(GenericFingerprint):
infoMsg = "executing MySQL comment injection fingerprint" infoMsg = "executing MySQL comment injection fingerprint"
logger.info(infoMsg) logger.info(infoMsg)
query = agent.prefixQuery("/* NoValue */") randInt = randomInt()
query = agent.suffixQuery(query) result = inject.checkBooleanExpression("%d=%d/* NoValue */" % (randInt, randInt))
payload = agent.payload(newValue=query)
result = Request.queryPage(payload)
if not result: if not result:
warnMsg = "unable to perform MySQL comment injection" warnMsg = "unable to perform MySQL comment injection"