bug fix of re-introduced bug (in multiple target mode sites with similar URI weren't skipped)

This commit is contained in:
Miroslav Stampar 2010-12-23 11:28:13 +00:00
parent 5a0aef0f33
commit 73f33c1999
2 changed files with 4 additions and 1 deletions

View File

@ -183,6 +183,7 @@ def start():
if paramKey not in kb.testedParams:
testSqlInj = True
testSqlInj &= (conf.hostname, conf.path, None, None) not in kb.testedParams
if not testSqlInj:
infoMsg = "skipping '%s'" % targetUrl
logger.info(infoMsg)
@ -366,6 +367,8 @@ def start():
if test[0] in ("n", "N"):
proceed = False
paramKey = (conf.hostname, conf.path, None, None)
kb.testedParams.add(paramKey)
break
else:
warnMsg = "%s parameter '%s' is not " % (place, parameter)

View File

@ -1192,7 +1192,6 @@ def __setKnowledgeBaseAttributes(flushAll=True):
kb.responseTimes = []
kb.resumedQueries = {}
kb.retriesCount = 0
kb.testedParams = set()
kb.technique = None
kb.testMode = False
kb.testQueryCount = 0
@ -1208,6 +1207,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):
kb.keywords = set(getFileItems(paths.SQL_KEYWORDS))
kb.tamperFunctions = []
kb.targetUrls = set()
kb.testedParams = set()
kb.userAgents = None
def __saveCmdline():