From 4959da3ce6a60d562dfa00355bcd99047798eb76 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Tue, 7 Dec 2010 14:59:11 +0000
Subject: [PATCH] it's a must to double check time based payloads
---
 lib/controller/checks.py | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 794dc3361..8d5d3569a 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -355,17 +355,20 @@ def checkSqlInjection(place, parameter, value):
 _ = Request.queryPage(reqPayload, place)
 duration = calculateDeltaSeconds(start)
- # Threat sleep and delayed (heavy query) differently
- if check.isdigit() and duration >= int(check):
- infoMsg = "%s parameter '%s' is '%s' injectable " % (place, parameter, title)
- logger.info(infoMsg)
+ trueResult = (check.isdigit() and duration >= int(check)) or (check == "[DELAYED]" and duration >= max(TIME_MIN_DELTA, kb.responseTime))
- injectable = True
- elif check == "[DELAYED]" and duration >= max(TIME_MIN_DELTA, kb.responseTime):
- infoMsg = "%s parameter '%s' is '%s' injectable " % (place, parameter, title)
- logger.info(infoMsg)
+ if trueResult:
+ start = time.time()
+ _ = Request.queryPage(reqPayload, place)
+ duration = calculateDeltaSeconds(start)
- injectable = True
+ trueResult = (check.isdigit() and duration >= int(check)) or (check == "[DELAYED]" and duration >= max(TIME_MIN_DELTA, kb.responseTime))
+
+ if trueResult:
+ infoMsg = "%s parameter '%s' is '%s' injectable " % (place, parameter, title)
+ logger.info(infoMsg)
+
+ injectable = True
 # Restore value of socket timeout
 socket.setdefaulttimeout(popValue())
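Review bot: The timing predicate is now written out twice, once before and once inside `if trueResult:`, so a later edit to one threshold can silently leave the confirmation request checking something different from the first measurement. Computing it through one local helper, e.g. `isDelayed = lambda d: (check.isdigit() and d >= int(check)) or (check == "[DELAYED]" and d >= max(TIME_MIN_DELTA, kb.responseTime))`, and calling `isDelayed(duration)` in both places keeps them in step. The removed comment is not replaced, so a line such as `# Repeat the request: a single slow response may be jitter rather than the payload` above the second `Request.queryPage` call would record why it is sent twice. The numeric branch compares only against `int(check)` and not `kb.responseTime`, so a target that is slow on every request would presumably pass both measurements and still be reported; that is worth confirming against how `check` is populated. The body of `checkSqlInjection` starts and ends outside this hunk.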