sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-29 04:53:48 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adding new switch ('--skip-static')

Browse Source
This commit is contained in:
Miroslav Stampar 2015-05-18 20:57:15 +02:00
parent e8f87bfa41
commit 17bfda1b9c
4 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lib/controller/controller.py
View File

@ -476,13 +476,18 @@ def start():
infoMsg = "ignoring %s parameter '%s'" % (paramType, parameter) infoMsg = "ignoring %s parameter '%s'" % (paramType, parameter)
logger.info(infoMsg) logger.info(infoMsg)
elif PAYLOAD.TECHNIQUE.BOOLEAN in conf.tech: elif PAYLOAD.TECHNIQUE.BOOLEAN in conf.tech or conf.skipStatic:
check = checkDynParam(place, parameter, value) check = checkDynParam(place, parameter, value)
if not check: if not check:
warnMsg = "%s parameter '%s' does not appear dynamic" % (paramType, parameter) warnMsg = "%s parameter '%s' does not appear dynamic" % (paramType, parameter)
logger.warn(warnMsg) logger.warn(warnMsg)
if conf.skipStatic:
infoMsg = "skipping static %s parameter '%s'" % (paramType, parameter)
logger.info(infoMsg)
testSqlInj = False
else: else:
infoMsg = "%s parameter '%s' is dynamic" % (paramType, parameter) infoMsg = "%s parameter '%s' is dynamic" % (paramType, parameter)
logger.info(infoMsg) logger.info(infoMsg)

1
lib/core/optiondict.py
View File

@ -73,6 +73,7 @@ optDict = {
"Injection": { "Injection": {
"testParameter": "string", "testParameter": "string",
"skip": "string", "skip": "string",
"skipStatic": "boolean",
"dbms": "string", "dbms": "string",
"dbmsCred": "string", "dbmsCred": "string",
"os": "string", "os": "string",

3
lib/parse/cmdline.py
View File

@ -252,6 +252,9 @@ def cmdLineParser():
injection.add_option("--skip", dest="skip", injection.add_option("--skip", dest="skip",
help="Skip testing for given parameter(s)") help="Skip testing for given parameter(s)")
injection.add_option("--skip-static", dest="skipStatic", action="store_true",
help="Skip testing parameters that not appear dynamic")
injection.add_option("--dbms", dest="dbms", injection.add_option("--dbms", dest="dbms",
help="Force back-end DBMS to this value") help="Force back-end DBMS to this value")

4
sqlmap.conf
View File

@ -222,6 +222,10 @@ testParameter =
# Skip testing for given parameter(s). # Skip testing for given parameter(s).
skip = skip =
# Skip testing parameters that not appear dynamic.
# Valid: True or False
skipStatic = False
# Force back-end DBMS to this value. If this option is set, the back-end # Force back-end DBMS to this value. If this option is set, the back-end
# DBMS identification process will be minimized as needed. # DBMS identification process will be minimized as needed.
# If not set, sqlmap will detect back-end DBMS automatically by default. # If not set, sqlmap will detect back-end DBMS automatically by default.