sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-25 11:03:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

code refactoring

Browse Source
This commit is contained in:
Miroslav Stampar 2010-10-25 14:06:56 +00:00
parent 9c94a233a1
commit 24c5d7b313
4 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/controller/checks.py
View File

@ -21,6 +21,7 @@ from lib.core.common import randomInt
from lib.core.common import randomStr from lib.core.common import randomStr
from lib.core.common import readInput from lib.core.common import readInput
from lib.core.common import showStaticWords from lib.core.common import showStaticWords
from lib.core.common import wasLastRequestError
from lib.core.common import DynamicContentItem from lib.core.common import DynamicContentItem
from lib.core.convert import urlencode from lib.core.convert import urlencode
from lib.core.data import conf from lib.core.data import conf
@ -103,7 +104,7 @@ def heuristicCheckSqlInjection(place, parameter, value):
payload = conf.paramDict[place][parameter].replace('*', payload) payload = conf.paramDict[place][parameter].replace('*', payload)
Request.queryPage(payload, place) Request.queryPage(payload, place)
result = kb.lastErrorPage and kb.lastErrorPage[0]==kb.lastRequestUID result = wasLastRequestError()
infoMsg = "(error based) heuristics shows that %s " % place infoMsg = "(error based) heuristics shows that %s " % place
infoMsg += "parameter '%s' is " % parameter infoMsg += "parameter '%s' is " % parameter

12
lib/core/common.py
View File

@ -1479,7 +1479,19 @@ def commonFinderOnly(initial, sequence):
return longestCommonPrefix(*filter(lambda x: x.startswith(initial), sequence)) return longestCommonPrefix(*filter(lambda x: x.startswith(initial), sequence))
def pushValue(value): def pushValue(value):
"""
Push value to the stack
"""
kb.valueStack.append(value) kb.valueStack.append(value)
def popValue(): def popValue():
"""
Pop value from the stack
"""
return kb.valueStack.pop() return kb.valueStack.pop()
def wasLastRequestError():
"""
Returns True if the last web request resulted in a (recognized) DBMS error page
"""
return kb.lastErrorPage and kb.lastErrorPage[0]==kb.lastRequestUID

1
lib/core/option.py
View File

@ -1006,7 +1006,6 @@ def __setConfAttributes():
conf.dbmsConnector = None conf.dbmsConnector = None
conf.dbmsHandler = None conf.dbmsHandler = None
conf.dumpPath = None conf.dumpPath = None
conf.errorComparison = True
conf.minMatchBlock = 8 conf.minMatchBlock = 8
conf.dynMarkLength = 32 conf.dynMarkLength = 32
conf.httpHeaders = [] conf.httpHeaders = []

3
lib/request/comparison.py
View File

@ -11,6 +11,7 @@ import re
from lib.core.common import getFilteredPageContent from lib.core.common import getFilteredPageContent
from lib.core.common import preparePageForLineComparison from lib.core.common import preparePageForLineComparison
from lib.core.common import wasLastRequestError
from lib.core.data import conf from lib.core.data import conf
from lib.core.data import kb from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
@ -94,7 +95,7 @@ def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
return ratio return ratio
# In case of an DBMS error page return False # In case of an DBMS error page return False
elif conf.errorComparison and kb.lastErrorPage and kb.lastErrorPage[0]==kb.lastRequestUID: elif wasLastRequestError():
return False return False
# If the url is not stable it returns sequence matcher between the # If the url is not stable it returns sequence matcher between the