sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-03-12 00:45:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

update of dynamicity testing and few misc fixes

Browse Source
This commit is contained in:
Miroslav Stampar 2010-11-05 13:14:12 +00:00
parent ef1809464d
commit 0e895fa512
4 changed files with 20 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/controller/action.py
View File

@ -46,6 +46,9 @@ def action():
if htmlParsed and htmlParsed.lower() in SUPPORTED_DBMS: if htmlParsed and htmlParsed.lower() in SUPPORTED_DBMS:
errMsg += ". Do not specify the back-end DBMS manually, " errMsg += ". Do not specify the back-end DBMS manually, "
errMsg += "sqlmap will fingerprint the DBMS for you" errMsg += "sqlmap will fingerprint the DBMS for you"
elif kb.nullConnection:
errMsg += ". You can try to rerun without using optimization "
errMsg += "switch '%s'" % ("-o" if conf.optimize else "--null-connection")
else: else:
errMsg += ". Support for this DBMS will be implemented at " errMsg += ". Support for this DBMS will be implemented at "
errMsg += "some point" errMsg += "some point"

25
lib/controller/checks.py
View File

@ -54,8 +54,6 @@ def checkSqlInjection(place, parameter, value, parenthesis):
postfix = "" postfix = ""
retVal = None retVal = None
conf.matchRatio = None
if conf.prefix or conf.postfix: if conf.prefix or conf.postfix:
if conf.prefix: if conf.prefix:
prefix = conf.prefix prefix = conf.prefix
@ -98,6 +96,12 @@ def checkSqlInjection(place, parameter, value, parenthesis):
return retVal return retVal
def heuristicCheckSqlInjection(place, parameter, value): def heuristicCheckSqlInjection(place, parameter, value):
if kb.nullConnection:
debugMsg = "heuristic checking skipped "
debugMsg += "because NULL connection used"
logger.debug(debugMsg)
return
prefix = "" prefix = ""
postfix = "" postfix = ""
@ -135,24 +139,19 @@ def checkDynParam(place, parameter, value):
randInt = randomInt() randInt = randomInt()
payload = agent.payload(place, parameter, value, getUnicode(randInt)) payload = agent.payload(place, parameter, value, getUnicode(randInt))
dynResult1 = Request.queryPage(payload, place) dynResult = Request.queryPage(payload, place)
if True == dynResult1: if True == dynResult:
return False return False
infoMsg = "confirming that %s parameter '%s' is dynamic" % (place, parameter) infoMsg = "confirming that %s parameter '%s' is dynamic" % (place, parameter)
logger.info(infoMsg) logger.info(infoMsg)
payload = agent.payload(place, parameter, value, "'%s" % randomStr()) randInt = randomInt()
dynResult2 = Request.queryPage(payload, place) payload = agent.payload(place, parameter, value, getUnicode(randInt))
dynResult = Request.queryPage(payload, place)
payload = agent.payload(place, parameter, value, "\"%s" % randomStr()) return not dynResult
dynResult3 = Request.queryPage(payload, place)
condition = True != dynResult2
condition |= True != dynResult3
return condition
def checkDynamicContent(firstPage, secondPage): def checkDynamicContent(firstPage, secondPage):
""" """

2
lib/controller/controller.py
View File

@ -209,6 +209,8 @@ def start():
checkStability() checkStability()
for place in conf.parameters.keys(): for place in conf.parameters.keys():
conf.matchRatio = None
if not conf.paramDict.has_key(place): if not conf.paramDict.has_key(place):
continue continue

3
lib/request/comparison.py
View File

@ -102,6 +102,9 @@ def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
elif wasLastRequestError(): elif wasLastRequestError():
return False return False
elif ratio == 1:
return True
# If the url is not stable it returns sequence matcher between the # If the url is not stable it returns sequence matcher between the
# first untouched HTTP response page content and this content # first untouched HTTP response page content and this content
else: else: