sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-10-30 23:47:45 +03:00
Code Issues Packages Projects Releases Wiki Activity

Closes #1163

Browse Source
This commit is contained in:
Miroslav Stampar 2015-02-13 10:59:03 +01:00
parent b1d13d1e7d
commit 2e5c11e427
1 changed files with 19 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
lib/controller/checks.py
View File

@ -196,25 +196,6 @@ def checkSqlInjection(place, parameter, value):
logger.debug(debugMsg) logger.debug(debugMsg)
continue continue
elif not (kb.extendTests and intersect(dbms, kb.extendTests)):
# Skip test if the risk is higher than the provided (or default)
# value
# Parse test's <risk>
if test.risk > conf.risk:
debugMsg = "skipping test '%s' because the risk (%d) " % (title, test.risk)
debugMsg += "is higher than the provided (%d)" % conf.risk
logger.debug(debugMsg)
continue
# Skip test if the level is higher than the provided (or default)
# value
# Parse test's <level>
if test.level > conf.level:
debugMsg = "skipping test '%s' because the level (%d) " % (title, test.level)
debugMsg += "is higher than the provided (%d)" % conf.level
logger.debug(debugMsg)
continue
if dbms is not None: if dbms is not None:
if injection.dbms is not None and not intersect(injection.dbms, dbms): if injection.dbms is not None and not intersect(injection.dbms, dbms):
debugMsg = "skipping test '%s' because " % title debugMsg = "skipping test '%s' because " % title
@ -237,6 +218,25 @@ def checkSqlInjection(place, parameter, value):
logger.debug(debugMsg) logger.debug(debugMsg)
continue continue
if not (kb.extendTests and intersect(dbms, kb.extendTests)):
# Skip test if the risk is higher than the provided (or default)
# value
# Parse test's <risk>
if test.risk > conf.risk:
debugMsg = "skipping test '%s' because the risk (%d) " % (title, test.risk)
debugMsg += "is higher than the provided (%d)" % conf.risk
logger.debug(debugMsg)
continue
# Skip test if the level is higher than the provided (or default)
# value
# Parse test's <level>
if test.level > conf.level:
debugMsg = "skipping test '%s' because the level (%d) " % (title, test.level)
debugMsg += "is higher than the provided (%d)" % conf.level
logger.debug(debugMsg)
continue
# Skip test if it does not match the same SQL injection clause # Skip test if it does not match the same SQL injection clause
# already identified by another test # already identified by another test
clauseMatch = False clauseMatch = False