--test-filter now ignores values of --risk and --level

Bernardo Damele 2015-02-15 16:28:37 +00:00
parent 2e5c11e427
commit 863d5a6281


@ -188,9 +188,11 @@ def checkSqlInjection(place, parameter, value):
else: else:
dbms = None dbms = None
# Skip tests if title is not included by the given filter # Skip tests if title, vector or DBMS is not included by the
if conf.testFilter: # given test filter
if not any(conf.testFilter in str(item) or re.search(conf.testFilter, str(item), re.I) for item in (test.title, test.vector, dbms)): if conf.testFilter and not any(conf.testFilter in str(item) or \
re.search(conf.testFilter, str(item), re.I) for item in \
(test.title, test.vector, dbms)):
debugMsg = "skipping test '%s' because " % title debugMsg = "skipping test '%s' because " % title
debugMsg += "its name/vector/dbms is not included by the given filter" debugMsg += "its name/vector/dbms is not included by the given filter"
logger.debug(debugMsg) logger.debug(debugMsg)
@ -222,7 +224,7 @@ def checkSqlInjection(place, parameter, value):
# Skip test if the risk is higher than the provided (or default) # Skip test if the risk is higher than the provided (or default)
# value # value
# Parse test's <risk> # Parse test's <risk>
if test.risk > conf.risk: if not conf.testFilter and test.risk > conf.risk:
debugMsg = "skipping test '%s' because the risk (%d) " % (title, test.risk) debugMsg = "skipping test '%s' because the risk (%d) " % (title, test.risk)
debugMsg += "is higher than the provided (%d)" % conf.risk debugMsg += "is higher than the provided (%d)" % conf.risk
logger.debug(debugMsg) logger.debug(debugMsg)
@ -231,7 +233,7 @@ def checkSqlInjection(place, parameter, value):
# Skip test if the level is higher than the provided (or default) # Skip test if the level is higher than the provided (or default)
# value # value
# Parse test's <level> # Parse test's <level>
if test.level > conf.level: if not conf.testFilter and not test.level > conf.level:
debugMsg = "skipping test '%s' because the level (%d) " % (title, test.level) debugMsg = "skipping test '%s' because the level (%d) " % (title, test.level)
debugMsg += "is higher than the provided (%d)" % conf.level debugMsg += "is higher than the provided (%d)" % conf.level
logger.debug(debugMsg) logger.debug(debugMsg)
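Review bot: The level guard in the last hunk is inverted: `if not conf.testFilter and not test.level > conf.level:` skips every test whose level is within the configured value and lets the higher-level ones run, while the debug message still reports that the level "is higher than the provided". It should mirror the risk guard two hunks up, `if not conf.testFilter and test.level > conf.level:`. Because a set --test-filter now bypasses the --risk check as well, a broad filter can select tests above the risk the operator chose, so a `logger.warn` when a matched test has `test.risk > conf.risk` would keep that visible in the run log. The body of checkSqlInjection continues outside these hunks, so whether the skip branches end in `continue` cannot be confirmed from here.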