From 5fb04515d39029880a92d34cbec287a7b328a483 Mon Sep 17 00:00:00 2001
From: Bernardo Damele <bernardo.damele@gmail.com>
Date: Thu, 9 Dec 2010 13:47:17 +0000
Subject: [PATCH] Added hidden (for the moment) switch --technique

---
 lib/controller/checks.py |  9 +++++++++
 lib/core/option.py       | 10 ++++++++++
 lib/parse/cmdline.py     |  3 +++
 3 files changed, 22 insertions(+)

diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 7ed348c49..5f788fa19 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -101,6 +101,15 @@ def checkSqlInjection(place, parameter, value):
         stype = test.stype
         clause = test.clause
 
+        # Skip test if the user's wants to test only for a specific
+        # technique
+        if isinstance(conf.technique, int) and stype != conf.technique:
+            debugMsg = "skipping test '%s' because the user " % title
+            debugMsg += "specified to test only for "
+            debugMsg += "%s" % PAYLOAD.SQLINJECTION[conf.technique]
+            logger.debug(debugMsg)
+            continue
+
         # Skip test if the risk is higher than the provided (or default)
         # value
         # Parse test's <risk>
diff --git a/lib/core/option.py b/lib/core/option.py
index a865ee11c..f5e3341f5 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -552,6 +552,15 @@ def __setOS():
         errMsg += "you."
         raise sqlmapUnsupportedDBMSException, errMsg
 
+def __setTechnique():
+    if not isinstance(conf.technique, int):
+        return
+
+    if conf.technique < 0 or conf.technique > 5:
+        errMsg = "the value of --technique must be an integer "
+        errMsg += "between 0 and 5"
+        raise sqlmapSyntaxException, errMsg
+
 def __setDBMS():
     """
     Force the back-end DBMS option.
@@ -1383,6 +1392,7 @@ def init(inputOptions=advancedDict()):
         __urllib2Opener()
         __findPageForms()
         __setDBMS()
+        __setTechnique()
 
     __setThreads()
     __setOS()
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index 42db40e5f..dc22891fb 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -529,6 +529,9 @@ def cmdLineParser():
         parser.add_option("--live-test", dest="liveTest", action="store_true",
                           default=False, help=SUPPRESS_HELP)
 
+        parser.add_option("--technique", dest="technique", type="int",
+                          default=False, help=SUPPRESS_HELP)
+
         parser.add_option_group(target)
         parser.add_option_group(request)
         parser.add_option_group(optimization)