update of dynamicity testing and few misc fixes

2025-03-11 08:25:47 +03:00 · 2010-11-05 13:14:12 +00:00 · 2010-11-05 13:14:12 +00:00 · 0e895fa512
commit 0e895fa512
parent ef1809464d
4 changed files with 20 additions and 13 deletions
--- a/lib/controller/action.py
+++ b/lib/controller/action.py
@ -46,6 +46,9 @@ def action():
        if htmlParsed and htmlParsed.lower() in SUPPORTED_DBMS:
            errMsg += ". Do not specify the back-end DBMS manually, "
            errMsg += "sqlmap will fingerprint the DBMS for you"
+        elif kb.nullConnection:
+            errMsg += ". You can try to rerun without using optimization "
+            errMsg += "switch '%s'" % ("-o" if conf.optimize else "--null-connection")
        else:
            errMsg += ". Support for this DBMS will be implemented at "
            errMsg += "some point"
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -54,8 +54,6 @@ def checkSqlInjection(place, parameter, value, parenthesis):
    postfix = ""
    retVal = None

-    conf.matchRatio = None
-
    if conf.prefix or conf.postfix:
        if conf.prefix:
            prefix = conf.prefix
@ -98,6 +96,12 @@ def checkSqlInjection(place, parameter, value, parenthesis):
    return retVal

 def heuristicCheckSqlInjection(place, parameter, value):
+    if kb.nullConnection:
+        debugMsg  = "heuristic checking skipped "
+        debugMsg += "because NULL connection used"
+        logger.debug(debugMsg)
+        return
+
    prefix = ""
    postfix = ""

@ -135,24 +139,19 @@ def checkDynParam(place, parameter, value):

    randInt = randomInt()
    payload = agent.payload(place, parameter, value, getUnicode(randInt))
-    dynResult1 = Request.queryPage(payload, place)
+    dynResult = Request.queryPage(payload, place)

-    if True == dynResult1:
+    if True == dynResult:
        return False

    infoMsg = "confirming that %s parameter '%s' is dynamic" % (place, parameter)
    logger.info(infoMsg)

-    payload = agent.payload(place, parameter, value, "'%s" % randomStr())
-    dynResult2 = Request.queryPage(payload, place)
+    randInt = randomInt()
+    payload = agent.payload(place, parameter, value, getUnicode(randInt))
+    dynResult = Request.queryPage(payload, place)

-    payload = agent.payload(place, parameter, value, "\"%s" % randomStr())
-    dynResult3 = Request.queryPage(payload, place)
-
-    condition  = True != dynResult2
-    condition |= True != dynResult3
-
-    return condition
+    return not dynResult

 def checkDynamicContent(firstPage, secondPage):
    """
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@ -209,6 +209,8 @@ def start():
                    checkStability()

                for place in conf.parameters.keys():
+                    conf.matchRatio = None
+
                    if not conf.paramDict.has_key(place):
                        continue

--- a/lib/request/comparison.py
+++ b/lib/request/comparison.py
@ -102,6 +102,9 @@ def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
    elif wasLastRequestError():
        return False

+    elif ratio == 1:
+        return True
+
    # If the url is not stable it returns sequence matcher between the
    # first untouched HTTP response page content and this content
    else: