important update - finally found what was causing headache for UNION payloads in noticeable number of cases

Miroslav Stampar 2011-05-26 21:54:19 +00:00
parent 97bd5355dd
commit 45caadbd4a
3 changed files with 14 additions and 1 deletions


@ -414,6 +414,8 @@ def checkSqlInjection(place, parameter, value):
# by unionTest() directly # by unionTest() directly
where = vector[6] where = vector[6]
kb.previousMethod = method
# If the injection test was successful feed the injection # If the injection test was successful feed the injection
# object with the test's details # object with the test's details
if injectable is True: if injectable is True:
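Review bot: `kb.previousMethod = method` is written here, but none of the hunks on this page gives the attribute a default, while the new branch in Connect reads it on every failed request in test mode. If the knowledge base does not already initialise it elsewhere, a connection failure before the first test method completes would read an unset value; a `kb.previousMethod = None` next to the other kb defaults would make the starting state explicit. The assignment is also the only uncommented line in this stretch, and a comment such as `# remembered so Connect can attribute a failed request to a preceding time-based payload` would explain why the state is kept. The enclosing loop of checkSqlInjection starts and ends outside the hunk, so whether the value is cleared between parameters cannot be seen from here.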


@ -100,6 +100,7 @@ class WARNFLAGS:
DATA_TO_STDOUT = 'dataToStdout' DATA_TO_STDOUT = 'dataToStdout'
THREADS = 'threads' THREADS = 'threads'
PIVOT_LIMIT = 'pivotLimit' PIVOT_LIMIT = 'pivotLimit'
TIME_UNRECOVERED = 'timeUnrecovered'
class EXPECTED: class EXPECTED:
BOOL = "bool" BOOL = "bool"


@ -42,6 +42,7 @@ from lib.core.data import logger
from lib.core.enums import HTTPHEADER from lib.core.enums import HTTPHEADER
from lib.core.enums import HTTPMETHOD from lib.core.enums import HTTPMETHOD
from lib.core.enums import NULLCONNECTION from lib.core.enums import NULLCONNECTION
from lib.core.enums import PAYLOAD
from lib.core.enums import PLACE from lib.core.enums import PLACE
from lib.core.enums import WARNFLAGS from lib.core.enums import WARNFLAGS
from lib.core.exception import sqlmapConnectionException from lib.core.exception import sqlmapConnectionException
@ -397,7 +398,16 @@ class Connect:
warnMsg += ", sqlmap is going to retry the request" warnMsg += ", sqlmap is going to retry the request"
logger.critical(warnMsg) logger.critical(warnMsg)
if kb.originalPage is None: if kb.testMode and kb.previousMethod == PAYLOAD.METHOD.TIME:
# timed based payloads can cause web server unresponsiveness
# if the injectable piece of code is some kind of JOIN-like query
warnMsg = "most probably web server instance hasn't recovered yet "
warnMsg += "from previous timed based payload. if the problem "
warnMsg += "persists please wait for few minutes and rerun "
warnMsg += "without flag T in --technique option "
warnMsg += "(e.g. --technique=BEUS)"
singleTimeLogMessage(warnMsg, logging.WARN, WARNFLAGS.TIME_UNRECOVERED)
elif kb.originalPage is None:
warnMsg = "if the problem persists please try to rerun " warnMsg = "if the problem persists please try to rerun "
warnMsg += "with the --random-agent switch turned on " warnMsg += "with the --random-agent switch turned on "
warnMsg += "and/or try to use proxy switches (--ignore-proxy, --proxy,...)" warnMsg += "and/or try to use proxy switches (--ignore-proxy, --proxy,...)"
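Review bot: The new `if kb.testMode and kb.previousMethod == PAYLOAD.METHOD.TIME:` branch is evaluated before `elif kb.originalPage is None:`, so once a time-based test has run, every connection failure in test mode is attributed to that payload and the `--random-agent`/proxy hint is never reached, even when the cause is unrelated. Because both messages are only advice, two independent `if` statements would let the operator see whichever hints apply instead of one masking the other. The comment records that these payloads can leave the tested server unresponsive; it would help to say there that the request is still retried immediately, since the retry logic is outside this hunk and a reader cannot tell whether any back-off is applied. Wording in the added strings could be tightened: `timed based` should read `time-based` and `wait for few minutes` should read `wait for a few minutes`. `singleTimeLogMessage` and `logging` do not appear in the import lines visible in the first hunk of this file, so confirm both are already in scope.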