sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-07-15 10:42:27 +03:00
Code Issues Packages Projects Releases Wiki Activity

minor update regarding good samaritan

Browse Source
This commit is contained in:
Miroslav Stampar 2010-05-25 14:51:02 +00:00
parent 065d5b02ec
commit 8ed76b3024
2 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/core/common.py
View File

@ -1262,11 +1262,11 @@ def getGoodSamaritanParameters(part, prevValue, originalCharset):
predictedCharset.append(ordChar) predictedCharset.append(ordChar)
predictedCharset.sort() predictedCharset.sort()
if len(predictedCharset) > 1:
singleValue = None
return singleValue, predictedCharset, otherCharset if len(predictedCharset) > 1:
return None, predictedCharset, otherCharset
else:
return singleValue, None, originalCharset
else: else:
return None, None, originalCharset return None, None, originalCharset

11
lib/techniques/blind/inference.py
View File

@ -371,13 +371,18 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
if conf.useCommonPrediction: if conf.useCommonPrediction:
singleValue, predictedCharset, otherCharset = getGoodSamaritanParameters(kb.partRun, finalValue, asciiTbl) singleValue, predictedCharset, otherCharset = getGoodSamaritanParameters(kb.partRun, finalValue, asciiTbl)
val = None
if singleValue is None: if singleValue is None:
val = getChar(index, predictedCharset, False) if predictedCharset else None val = getChar(index, predictedCharset, False) if predictedCharset else None
else: else:
##check if that's the value #forgedPayload = safeStringFormat('AND (%s) = \'%s\'', (expressionUnescaped, singleValue))
#finalValue = singleValue #result = Request.queryPage(urlencode(forgedPayload))
#break #if result:
# finalValue = singleValue
# break
pass pass
if not val: if not val:
val = getChar(index, otherCharset) val = getChar(index, otherCharset)
else: else: