mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-23 01:56:36 +03:00
automatically turn on --text-only in case of heavily-dynamicity instead of critical exit
This commit is contained in:
parent
adc41181e6
commit
3629c2737b
|
@ -50,6 +50,7 @@ from lib.core.exception import sqlmapUserQuitException
|
||||||
from lib.core.session import setDynamicMarkings
|
from lib.core.session import setDynamicMarkings
|
||||||
from lib.core.session import setString
|
from lib.core.session import setString
|
||||||
from lib.core.session import setRegexp
|
from lib.core.session import setRegexp
|
||||||
|
from lib.core.session import setTextOnly
|
||||||
from lib.core.settings import CONSTANT_RATIO
|
from lib.core.settings import CONSTANT_RATIO
|
||||||
from lib.core.settings import UPPER_RATIO_BOUND
|
from lib.core.settings import UPPER_RATIO_BOUND
|
||||||
from lib.core.unescaper import unescaper
|
from lib.core.unescaper import unescaper
|
||||||
|
@ -487,7 +488,8 @@ def heuristicCheckSqlInjection(place, parameter, value):
|
||||||
def simpletonCheckSqlInjection(place, parameter, value):
|
def simpletonCheckSqlInjection(place, parameter, value):
|
||||||
"""
|
"""
|
||||||
This is a function for the quickest and simplest
|
This is a function for the quickest and simplest
|
||||||
sql injection check (e.g. AND 1=1)
|
sql injection check (e.g. AND 1=1) - only works
|
||||||
|
with integer parameters
|
||||||
"""
|
"""
|
||||||
|
|
||||||
result = False
|
result = False
|
||||||
|
@ -497,17 +499,14 @@ def simpletonCheckSqlInjection(place, parameter, value):
|
||||||
if value.isdigit():
|
if value.isdigit():
|
||||||
payload = "%s AND %d=%d" % (value, randInt, randInt)
|
payload = "%s AND %d=%d" % (value, randInt, randInt)
|
||||||
else:
|
else:
|
||||||
payload = "%s' AND '%s'='%s" % (value, randStr, randStr)
|
return False
|
||||||
|
|
||||||
payload = agent.payload(place, parameter, value, payload)
|
payload = agent.payload(place, parameter, value, payload)
|
||||||
firstPage, _ = Request.queryPage(payload, place, content=True, raise404=False)
|
firstPage, _ = Request.queryPage(payload, place, content=True, raise404=False)
|
||||||
|
|
||||||
if not (wasLastRequestDBMSError() or wasLastRequestHTTPError()):
|
if not (wasLastRequestDBMSError() or wasLastRequestHTTPError()):
|
||||||
if getComparePageRatio(kb.originalPage, firstPage, filtered=True) > CONSTANT_RATIO:
|
if getComparePageRatio(kb.originalPage, firstPage, filtered=True) > CONSTANT_RATIO:
|
||||||
if value.isdigit():
|
payload = "%s AND %d=%d" % (value, randInt, randInt+1)
|
||||||
payload = "%s AND %d=%d" % (value, randInt, randInt+1)
|
|
||||||
else:
|
|
||||||
payload = "%s' AND '%s'='%s" % (value, randStr, randomStr())
|
|
||||||
|
|
||||||
payload = agent.payload(place, parameter, value, payload)
|
payload = agent.payload(place, parameter, value, payload)
|
||||||
secondPage, _ = Request.queryPage(payload, place, content=True, raise404=False)
|
secondPage, _ = Request.queryPage(payload, place, content=True, raise404=False)
|
||||||
|
@ -582,10 +581,13 @@ def checkDynamicContent(firstPage, secondPage):
|
||||||
count += 1
|
count += 1
|
||||||
|
|
||||||
if count > conf.retries:
|
if count > conf.retries:
|
||||||
errMsg = "target url is too dynamic. unable to continue. "
|
warnMsg = "target url is too dynamic. "
|
||||||
errMsg += "consider using other switches (e.g. "
|
warnMsg += "switching to --text-only. "
|
||||||
errMsg += "--longest-common, --string, --text-only, etc.)"
|
logger.warn(warnMsg)
|
||||||
raise sqlmapSiteTooDynamic, errMsg
|
|
||||||
|
conf.textOnly = True
|
||||||
|
setTextOnly()
|
||||||
|
return
|
||||||
|
|
||||||
warnMsg = "target url is heavily dynamic"
|
warnMsg = "target url is heavily dynamic"
|
||||||
warnMsg += ", sqlmap is going to retry the request"
|
warnMsg += ", sqlmap is going to retry the request"
|
||||||
|
|
Loading…
Reference in New Issue
Block a user