From 62323971297dda718e90706f93522287480d6274 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 16 Nov 2010 10:52:49 +0000 Subject: [PATCH] minor update --- lib/controller/checks.py | 8 ++++---- lib/request/connect.py | 7 ++++--- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index a4b97aa63..26576b94a 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -130,14 +130,14 @@ def heuristicCheckSqlInjection(place, parameter, value): Request.queryPage(payload, place, raise404=False) result = wasLastRequestDBMSError() - infoMsg = "(error based) heuristics shows that %s " % place - infoMsg += "parameter '%s' is " % parameter + infoMsg = "heuristics shows that %s " % place + infoMsg += "parameter '%s' might " % parameter if result: - infoMsg += "injectable (possible DBMS: %s)" % (kb.htmlFp[-1] if kb.htmlFp else 'Unknown') + infoMsg += "be injectable (possible DBMS: %s)" % (kb.htmlFp[-1] if kb.htmlFp else 'Unknown') logger.info(infoMsg) else: - infoMsg += "not injectable" + infoMsg += "not be injectable" logger.warning(infoMsg) def checkDynParam(place, parameter, value): diff --git a/lib/request/connect.py b/lib/request/connect.py index bf567af1a..6e192c7af 100644 --- a/lib/request/connect.py +++ b/lib/request/connect.py @@ -220,9 +220,10 @@ class Connect: responseHeaders = conn.info() page = decodePage(page, responseHeaders.get("Content-Encoding"), responseHeaders.get("Content-Type")) - msg = extractErrorMessage(page) - if msg and conf.parseErrors: - logger.error("error message: '%s'" % msg) + if conf.parseErrors: + msg = extractErrorMessage(page) + if msg: + logger.info("parsed error message: '%s'" % msg) except urllib2.HTTPError, e: code = e.code