From 0d6afca7db9eca6b06883348473382f94f61ffa7 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Sun, 10 Jul 2011 15:16:58 +0000
Subject: [PATCH] adding new switch '--smart' by request

---
 lib/controller/controller.py | 8 +++++---
 lib/core/optiondict.py       | 1 +
 lib/parse/cmdline.py         | 4 ++++
 sqlmap.conf                  | 4 ++++
 4 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/lib/controller/controller.py b/lib/controller/controller.py
index e9d531609..0c303ce13 100644
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -440,9 +440,11 @@ def start():
                         if testSqlInj:
                             check = heuristicCheckSqlInjection(place, parameter)
 
-                            if not check and conf.realTest and \
-                               not simpletonCheckSqlInjection(place, parameter, value):
-                                continue
+                            if not check:
+                                if conf.smart or conf.realTest and not simpletonCheckSqlInjection(place, parameter, value):
+                                    infoMsg = "skipping %s parameter '%s'" % (place, parameter)
+                                    logger.info(infoMsg)
+                                    continue
 
                             infoMsg = "testing sql injection on %s " % place
                             infoMsg += "parameter '%s'" % parameter
diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
index e9f32e810..d3e5f3a89 100644
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
@@ -175,6 +175,7 @@ optDict = {
                                "googlePage":        "integer",
                                "mobile":            "boolean",
                                "pageRank":          "boolean",
+                               "smart":             "boolean",
                                "wizard":            "boolean",
                                "verbose":           "integer"
                              },
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index 8fc6dbb31..ecb474774 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -549,6 +549,10 @@ def cmdLineParser():
                                   action="store_true",
                                   help="Display page rank (PR) for Google dork results")
 
+        miscellaneous.add_option("--smart", dest="smart",
+                                  action="store_true",
+                                  help="Conduct through tests only if positive heuristic(s)")
+
         miscellaneous.add_option("--wizard", dest="wizard",
                                   action="store_true",
                                   help="Simple wizard interface for beginner users")
diff --git a/sqlmap.conf b/sqlmap.conf
index 4fdbc850e..152a10d3d 100644
--- a/sqlmap.conf
+++ b/sqlmap.conf
@@ -584,6 +584,10 @@ mobile = False
 # Valid: True or False
 pageRank = False
 
+# Conduct through tests only if positive heuristic(s).
+# Valid: True or False
+smart = False
+
 # Simple wizard interface for beginner users.
 # Valid: True or False
 wizard = False