sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-24 00:04:23 +03:00
Code Issues Packages Projects Releases Wiki Activity

minor update of false positive check (in considerable amount of cases minus char is filtered/used for other means)

Browse Source
This commit is contained in:
Miroslav Stampar 2011-11-20 20:27:30 +00:00
parent 440b7efe55
commit 8c32b3653b
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/controller/checks.py
View File

@ -556,9 +556,9 @@ def checkFalsePositives(injection):
retVal = None
elif checkBooleanExpression("%d=%d" % (randInt1, randInt2)):
retVal = None
elif not checkBooleanExpression("%d=(%d-%d)" % (abs(randInt1 - randInt2), max(randInt1, randInt2), min(randInt1, randInt2))):
if not checkBooleanExpression("%d=(%d+%d)" % (randInt1 + randInt2, randInt1, randInt2)):
retVal = None
elif checkBooleanExpression("(%d+%d)=(%d-%d)" % (randInt1, randInt2, randInt1, randInt2)):
elif checkBooleanExpression("%d=%d" % (randInt2, randInt1)):
retVal = None
if retVal is None: