fix for skipping non-GET urls

2025-01-24 08:14:24 +03:00 · 2010-10-15 09:54:29 +00:00 · 2010-10-15 09:54:29 +00:00 · 0f48dd6f73
commit 0f48dd6f73
parent 207bef7f19
1 changed files with 7 additions and 2 deletions
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@ -118,10 +118,10 @@ def start():
            conf.data   = targetData
            conf.cookie = targetCookie
            injData     = []
-            
+
            initTargetEnv()
            parseTargetUrl()
-            
+
            testSqlInj = False
            if "GET" in conf.parameters:
                for parameter in re.findall(r"([^=]+)=[^&]+&?", conf.parameters["GET"]):
@ -129,6 +129,11 @@ def start():
                    if paramKey not in kb.testedParams:
                        testSqlInj = True
                        break
+            else:
+                paramKey = (conf.hostname, conf.path, None, None)
+                if paramKey not in kb.testedParams:
+                    testSqlInj = True
+
            if not testSqlInj:
                infoMsg = "skipping '%s'" % targetUrl
                logger.info(infoMsg)