From 6795b51c7e2c7fc6dc44360362163b5bcf640557 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Wed, 20 Aug 2014 01:59:30 +0200
Subject: [PATCH] Another minor update
---
 lib/controller/checks.py | 26 +++++++++++++++-----------
 1 file changed, 15 insertions(+), 11 deletions(-)
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 0fc8aa2ec..001c66bc8 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -741,18 +741,22 @@ def checkFilteredChars(injection):
 kb.injection = injection
 randInt = randomInt()
- if not checkBooleanExpression("(%d)=%d" % (randInt, randInt)):
- warnMsg = "it appears that some non-alphanumeric characters (i.e. ()) are "
- warnMsg += "filtered by the back-end server. There is a strong "
- warnMsg += "possibility that sqlmap won't be able to properly "
- warnMsg += "exploit this vulnerability"
- logger.critical(warnMsg)
+ # all other techniques are already using parentheses in tests
+ if len(injection.data) == 1 and PAYLOAD.TECHNIQUE.BOOLEAN in injection.data:
+ if not checkBooleanExpression("(%d)=%d" % (randInt, randInt)):
+ warnMsg = "it appears that some non-alphanumeric characters (i.e. ()) are "
+ warnMsg += "filtered by the back-end server. There is a strong "
+ warnMsg += "possibility that sqlmap won't be able to properly "
+ warnMsg += "exploit this vulnerability"
+ logger.critical(warnMsg)
- if not checkBooleanExpression("%d>%d" % (randInt+1, randInt)):
- warnMsg = "it appears that the character '>' is "
- warnMsg += "filtered by the back-end server. You are strongly "
- warnMsg += "advised to rerun with the '--tamper=between'"
- logger.warn(warnMsg)
+ # inference techniques depend on character '>'
+ if not any(_ in injection.data for _ in (PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.QUERY)):
+ if not checkBooleanExpression("%d>%d" % (randInt+1, randInt)):
+ warnMsg = "it appears that the character '>' is "
+ warnMsg += "filtered by the back-end server. You are strongly "
+ warnMsg += "advised to rerun with the '--tamper=between'"
+ logger.warn(warnMsg)
 kb.injection = popValue()
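Review bot: The new gate on the '>' probe (`if not any(_ in injection.data for _ in (PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.QUERY))`) skips the check whenever one of those techniques was detected, even if a boolean or time-based entry is also in `injection.data`, so the `--tamper=between` advice is never shown for a target where the inference technique may still end up being used. The comment above it says why the probe exists but not why it is skipped; if the skip is deliberate because the non-inference technique is presumably preferred, say so, e.g. `# inference techniques depend on character '>'; skipped when error, UNION or inline-query injection is also available`. The first gate's comment could likewise state that `len(injection.data) == 1` together with the `BOOLEAN` membership test means boolean-based blind is the only detected technique. `checkFilteredChars` starts before and may continue after this hunk, so whether `kb.injection` is restored when `checkBooleanExpression` raises cannot be judged from these lines.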