Ahead with enhancements on comparison algorithm: implemented content-length technique

2024-11-22 17:46:37 +03:00 · 2008-12-18 22:49:35 +00:00 · 2008-12-18 22:49:35 +00:00 · 68354be45a
commit 68354be45a
parent afbd66f6d9
3 changed files with 17 additions and 11 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -320,15 +320,16 @@ def checkStability():
                contentLengths.append(int(clHeader.group(1)))

        if contentLengths:
-            clSum = 0
+            conf.contentLengths = ( min(contentLengths), max(contentLengths) )

-            for cl in contentLengths:
-                clSum += cl
+            warnMsg  = "url is not stable, sqlmap inspected the headers "
+            warnMsg += "and identified that Content-Length can be used "
+            warnMsg += "in the comparison algorithm"
+            logger.warn(warnMsg)

-            clAverage = clSum / len(contentLengths)
+            kb.defaultResult = True

-        # TODO: go ahead here with the technique to compare True/False
-        # based upon clAverage discard (conf.contentLengths)
+            return True

        # Prepare for the comparison algorithm based on page content's
        # stable lines subset
@ -356,6 +357,10 @@ def checkStability():

            return True

+    if condition == True:
+        logMsg = "url is stable"
+        logger.info(logMsg)
+
    return condition


--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@ -175,10 +175,7 @@ def start():

        if not kb.injPlace or not kb.injParameter or not kb.injType:
            if not conf.string and not conf.regexp and not conf.eRegexp:
-                if checkStability():
-                    logMsg = "url is stable"
-                    logger.info(logMsg)
-                else:
+                if not checkStability():
                    errMsg  = "url is not stable, try with --string or "
                    errMsg += "--regexp options, refer to the user's manual "
                    errMsg += "paragraph 'Page comparison' for details"
--- a/lib/request/comparison.py
+++ b/lib/request/comparison.py
@ -75,7 +75,11 @@ def comparison(page, headers=None, content=False):

    # Comparison algorithm based on Content-Length header value
    elif conf.contentLengths:
-        pass
+        minValue = conf.contentLengths[0] - 10
+        maxValue = conf.contentLengths[1] + 10
+
+        if len(page) >= minValue and len(page) <= maxValue:
+            return True

    # Comparison algorithm based on page content's stable lines subset
    elif conf.equalLines: