sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

cosmetics

Browse Source
This commit is contained in:
Miroslav Stampar 2010-12-21 15:26:23 +00:00
parent b2e7f9484d
commit 7a525f28d4
2 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/core/settings.py
View File

@ -52,8 +52,8 @@ CHAR_INFERENCE_MARK = "%c"
# coefficient used for a time-based query delay checking (must be >= 7)
TIME_STDEV_COEFF = 10
# maximum number of techniques used in inject.py/getValue() before deciding 'None' value
MAX_TECHNIQUES_BEFORE_NONE = 2
# maximum number of techniques used in inject.py/getValue() per one value
MAX_TECHNIQUES_PER_VALUE = 2
# suffix used for naming meta databases in DBMS(es) without explicit database name
METADB_SUFFIX = "_masterdb"

8
lib/request/inject.py
View File

@ -35,7 +35,7 @@ from lib.core.enums import EXPECTED
from lib.core.enums import PAYLOAD
from lib.core.exception import sqlmapNotVulnerableException
from lib.core.settings import MIN_TIME_RESPONSES
from lib.core.settings import MAX_TECHNIQUES_BEFORE_NONE
from lib.core.settings import MAX_TECHNIQUES_PER_VALUE
from lib.core.unescaper import unescaper
from lib.request.connect import Connect as Request
from lib.request.direct import direct
@ -422,7 +422,7 @@ def getValue(expression, blind=True, inband=True, error=True, time=True, fromUse
value = __goInband(query, expected, sort, resumeValue, unpack, dump)
count += 1
found = value or (value is None and expectingNone) or count >= MAX_TECHNIQUES_BEFORE_NONE
found = value or (value is None and expectingNone) or count >= MAX_TECHNIQUES_PER_VALUE
oldUnionNegative = kb.unionNegative
kb.unionNegative = False
@ -436,7 +436,7 @@ def getValue(expression, blind=True, inband=True, error=True, time=True, fromUse
value = __goError(query, resumeValue)
count += 1
found = value or (value is None and expectingNone) or count >= MAX_TECHNIQUES_BEFORE_NONE
found = value or (value is None and expectingNone) or count >= MAX_TECHNIQUES_PER_VALUE
if blind and isTechniqueAvailable(PAYLOAD.TECHNIQUE.BOOLEAN) and not found:
kb.technique = PAYLOAD.TECHNIQUE.BOOLEAN
@ -447,7 +447,7 @@ def getValue(expression, blind=True, inband=True, error=True, time=True, fromUse
value = __goInferenceProxy(query, fromUser, expected, batch, resumeValue, unpack, charsetType, firstChar, lastChar)
count += 1
found = value or (value is None and expectingNone) or count >= MAX_TECHNIQUES_BEFORE_NONE
found = value or (value is None and expectingNone) or count >= MAX_TECHNIQUES_PER_VALUE
if time and (isTechniqueAvailable(PAYLOAD.TECHNIQUE.TIME) or isTechniqueAvailable(PAYLOAD.TECHNIQUE.STACKED)) and not found:
if isTechniqueAvailable(PAYLOAD.TECHNIQUE.TIME):