From 212035e64d6f51a0653bbd8f01fe43231f233758 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Sat, 1 Jan 2011 23:38:11 +0000
Subject: [PATCH] user can now choose if he wants to skip non-heuristic based
 DBMS tests

---
 lib/controller/checks.py | 15 +++++++++++++++
 lib/core/option.py       |  1 +
 2 files changed, 16 insertions(+)

diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 461dc010d..6c87e5da7 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -139,6 +139,21 @@ def checkSqlInjection(place, parameter, value):
 
                     continue
 
+                if kb.htmlFp and kb.htmlFp[-1] and kb.htmlFp[-1] != dbms\
+                  and kb.skipTests is None:
+                    message = "heuristic test showed that the back-end DBMS could be '%s'." % kb.htmlFp[-1]
+                    message += " do you want to skip test payloads specific for other DBMSes? [Y/n]"
+                    kb.skipTests = conf.realTest or readInput(message, default="Y") not in ("n", "N")
+
+                if kb.skipTests:
+                    debugMsg = "skipping test '%s' because " % title
+                    debugMsg += "the heuristic test showed that "
+                    debugMsg += "the back-end DBMS could be "
+                    debugMsg += "%s" % kb.htmlFp[-1]
+                    logger.debug(debugMsg)
+
+                    continue
+
             # Skip test if it is the same SQL injection type already
             # identified by another test
             if injection.data and stype in injection.data:
diff --git a/lib/core/option.py b/lib/core/option.py
index c953f824c..76793fefc 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -1190,6 +1190,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):
     kb.responseTimes   = []
     kb.resumedQueries  = {}
     kb.retriesCount    = 0
+    kb.skipTests       = None
     kb.technique       = None
     kb.testMode        = False
     kb.testQueryCount  = 0