second step toward negative logic support (ported to detection phase too) - works well with --string, --regexp and --code now

Bernardo Damele 2012-03-15 16:25:26 +00:00
parent 0013b0970f
commit 4520744b4d
2 changed files with 6 additions and 1 deletions


@ -322,6 +322,9 @@ def checkSqlInjection(place, parameter, value):
boundPayload = agent.suffixQuery(boundPayload, comment, suffix, where)
cmpPayload = agent.payload(place, parameter, newValue=boundPayload, where=where)
pushValue(kb.negativeLogic)
kb.negativeLogic = "OR NOT" in cmpPayload
return cmpPayload
# Useful to set kb.matchRatio at first based on
@ -347,6 +350,8 @@ def checkSqlInjection(place, parameter, value):
injectable = True
kb.negativeLogic = popValue()
# In case of error-based SQL injection
elif method == PAYLOAD.METHOD.GREP:
# Perform the test's request and grep the response
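Review bot: The save and restore of `kb.negativeLogic` are not balanced: `pushValue(kb.negativeLogic)` runs inside the comparison-payload helper on every call, while the only visible `kb.negativeLogic = popValue()` sits once after `injectable = True`. If that helper is called more than once per test (the comment about setting kb.matchRatio "at first" suggests it is), the stack grows and the flag may be restored to a value left by an earlier call; an exception raised by a request in between would also leave the flag set and silently invert later comparisons. I would save the flag once before the boolean test and restore it in a `finally:` block, leaving only `kb.negativeLogic = "OR NOT" in cmpPayload` in the helper. That substring test runs on the fully assembled payload, so a parameter value that happens to contain "OR NOT" would flip the logic; testing the comparison template before the value is merged in would be narrower. Indentation is lost in this rendering and checkSqlInjection continues outside both hunks, so the branch that actually holds the pop should be confirmed.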


@ -36,7 +36,7 @@ def comparison(page, headers, code=None, getRatioValue=False, pageLength=None):
seqMatcher.set_seq1(kb.pageTemplate)
def _(condition):
#condition = not condition if kb.negativeLogic else condition
condition = not condition if kb.negativeLogic else condition
return condition if not getRatioValue else (MAX_RATIO if condition else MIN_RATIO)
if any([conf.string, conf.regexp]):
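Review bot: The inversion in `_` depends on the process-global `kb.negativeLogic`, and nothing at this line says who sets it or for how long. A stale value would invert every match that goes through `_` (per the commit title, `--string`, `--regexp` and `--code`), including the `MAX_RATIO`/`MIN_RATIO` result returned when `getRatioValue` is set. I would add a comment above the line, e.g. `# kb.negativeLogic is set by checkSqlInjection() for "OR NOT" comparison payloads and must be restored afterwards`, and parenthesise the expression as `condition = (not condition) if kb.negativeLogic else condition` so the precedence is explicit. The body of comparison() continues outside the hunk.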