From 440b484bf6cbe7f7a9eee61c8d022ddbf4ad6298 Mon Sep 17 00:00:00 2001
From: stamparm
Date: Fri, 1 Mar 2013 10:59:04 +0100
Subject: [PATCH] Minor update (one more just in case dummy request in false positive check for time-based injections - when DBMS could be unresponsive a bit due to previous heavy-queries)
---
 lib/controller/checks.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 440adaa4c..28def5093 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -657,7 +657,12 @@ def checkFalsePositives(injection):
 if not checkBooleanExpression("(%d+%d)=%d" % (randInt1, randInt2, randInt1 + randInt2)):
 retVal = None
 break
- elif checkBooleanExpression("%d>(%d+%d)" % (min(randInt1, randInt2), randInt3, max(randInt1, randInt2))):
+
+ # Just in case if DBMS hasn't properly recovered from previous delayed request
+ if PAYLOAD.TECHNIQUE.BOOLEAN not in injection.data:
+ checkBooleanExpression("%d=%d", randInt1, randInt2)
+
+ if checkBooleanExpression("%d>(%d+%d)" % (min(randInt1, randInt2), randInt3, max(randInt1, randInt2))):
 retVal = None
 break
 elif checkBooleanExpression("(%d+%d)>%d" % (randInt3, min(randInt1, randInt2), randInt1 + randInt2 + randInt3)):
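Review bot: The added dummy call `checkBooleanExpression("%d=%d", randInt1, randInt2)` passes the format string and the two integers as separate positional arguments instead of interpolating them, unlike every other call in this hunk, which uses `"..." % (...)`. As written, the literal `%d=%d` becomes the expression and the integers fall into whatever parameters follow; the signature is not visible here, so this may raise a `TypeError` or be silently taken as option values. It should read `checkBooleanExpression("%d=%d" % (randInt1, randInt2))`. The existing comment could also say that the result is deliberately discarded, since the request exists only to let the DBMS settle after a delayed query. The enclosing loop and the rest of the `if`/`elif` chain lie outside the hunk.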