mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-23 01:56:36 +03:00
important update - finally found what was causing headache for UNION payloads in noticeable number of cases
This commit is contained in:
parent
97bd5355dd
commit
45caadbd4a
|
@ -414,6 +414,8 @@ def checkSqlInjection(place, parameter, value):
|
||||||
# by unionTest() directly
|
# by unionTest() directly
|
||||||
where = vector[6]
|
where = vector[6]
|
||||||
|
|
||||||
|
kb.previousMethod = method
|
||||||
|
|
||||||
# If the injection test was successful feed the injection
|
# If the injection test was successful feed the injection
|
||||||
# object with the test's details
|
# object with the test's details
|
||||||
if injectable is True:
|
if injectable is True:
|
||||||
|
|
|
@ -100,6 +100,7 @@ class WARNFLAGS:
|
||||||
DATA_TO_STDOUT = 'dataToStdout'
|
DATA_TO_STDOUT = 'dataToStdout'
|
||||||
THREADS = 'threads'
|
THREADS = 'threads'
|
||||||
PIVOT_LIMIT = 'pivotLimit'
|
PIVOT_LIMIT = 'pivotLimit'
|
||||||
|
TIME_UNRECOVERED = 'timeUnrecovered'
|
||||||
|
|
||||||
class EXPECTED:
|
class EXPECTED:
|
||||||
BOOL = "bool"
|
BOOL = "bool"
|
||||||
|
|
|
@ -42,6 +42,7 @@ from lib.core.data import logger
|
||||||
from lib.core.enums import HTTPHEADER
|
from lib.core.enums import HTTPHEADER
|
||||||
from lib.core.enums import HTTPMETHOD
|
from lib.core.enums import HTTPMETHOD
|
||||||
from lib.core.enums import NULLCONNECTION
|
from lib.core.enums import NULLCONNECTION
|
||||||
|
from lib.core.enums import PAYLOAD
|
||||||
from lib.core.enums import PLACE
|
from lib.core.enums import PLACE
|
||||||
from lib.core.enums import WARNFLAGS
|
from lib.core.enums import WARNFLAGS
|
||||||
from lib.core.exception import sqlmapConnectionException
|
from lib.core.exception import sqlmapConnectionException
|
||||||
|
@ -397,7 +398,16 @@ class Connect:
|
||||||
warnMsg += ", sqlmap is going to retry the request"
|
warnMsg += ", sqlmap is going to retry the request"
|
||||||
logger.critical(warnMsg)
|
logger.critical(warnMsg)
|
||||||
|
|
||||||
if kb.originalPage is None:
|
if kb.testMode and kb.previousMethod == PAYLOAD.METHOD.TIME:
|
||||||
|
# timed based payloads can cause web server unresponsiveness
|
||||||
|
# if the injectable piece of code is some kind of JOIN-like query
|
||||||
|
warnMsg = "most probably web server instance hasn't recovered yet "
|
||||||
|
warnMsg += "from previous timed based payload. if the problem "
|
||||||
|
warnMsg += "persists please wait for few minutes and rerun "
|
||||||
|
warnMsg += "without flag T in --technique option "
|
||||||
|
warnMsg += "(e.g. --technique=BEUS)"
|
||||||
|
singleTimeLogMessage(warnMsg, logging.WARN, WARNFLAGS.TIME_UNRECOVERED)
|
||||||
|
elif kb.originalPage is None:
|
||||||
warnMsg = "if the problem persists please try to rerun "
|
warnMsg = "if the problem persists please try to rerun "
|
||||||
warnMsg += "with the --random-agent switch turned on "
|
warnMsg += "with the --random-agent switch turned on "
|
||||||
warnMsg += "and/or try to use proxy switches (--ignore-proxy, --proxy,...)"
|
warnMsg += "and/or try to use proxy switches (--ignore-proxy, --proxy,...)"
|
||||||
|
|
Loading…
Reference in New Issue
Block a user