mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-26 13:41:10 +03:00 
			
		
		
		
	Proper fix to avoid UNION test false positives
This commit is contained in:
		
							parent
							
								
									c2e994e806
								
							
						
					
					
						commit
						873951ab92
					
				|  | @ -49,7 +49,7 @@ def __unionPosition(comment, place, parameter, value, prefix, suffix, dbms, coun | ||||||
|         # Perform the request |         # Perform the request | ||||||
|         resultPage, _ = Request.queryPage(payload, place=place, content=True) |         resultPage, _ = Request.queryPage(payload, place=place, content=True) | ||||||
| 
 | 
 | ||||||
|         if resultPage and randQuery in resultPage and query not in resultPage: |         if resultPage and randQuery in resultPage and " UNION ALL SELECT " not in resultPage: | ||||||
|             setUnion(position=exprPosition) |             setUnion(position=exprPosition) | ||||||
|             validPayload = payload |             validPayload = payload | ||||||
|             unionVector = agent.forgeInbandQuery("[PAYLOAD]", exprPosition, count=count, comment=comment, prefix=prefix, suffix=suffix) |             unionVector = agent.forgeInbandQuery("[PAYLOAD]", exprPosition, count=count, comment=comment, prefix=prefix, suffix=suffix) | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	Block a user