sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

sharp tuning UNION tests even more

Browse Source
This commit is contained in:
Miroslav Stampar 2011-05-28 08:06:19 +00:00
parent 74cc974fa7
commit 95dea1fbf9
1 changed files with 14 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
lib/techniques/inband/union/test.py
View File

@ -72,13 +72,6 @@ def __findUnionCharCount(comment, place, parameter, value, prefix, suffix, where
ratios.pop(ratios.index(min_))
ratios.pop(ratios.index(max_))
deviation = stdev(ratios)
if abs(max_ - min_) < MIN_STATISTICAL_RANGE:
kb.errorIsNone = popValue()
return None
lower, upper = average(ratios) - UNION_STDEV_COEFF * deviation, average(ratios) + UNION_STDEV_COEFF * deviation
minItem, maxItem = None, None
for item in items:
@ -87,6 +80,20 @@ def __findUnionCharCount(comment, place, parameter, value, prefix, suffix, where
elif item[1] == max_:
maxItem = item
if all(map(lambda x: x == min_ and x != max_, ratios)):
return maxItem[0]
elif all(map(lambda x: x != min_ and x == max_, ratios)):
return minItem[0]
deviation = stdev(ratios)
if abs(max_ - min_) < MIN_STATISTICAL_RANGE:
kb.errorIsNone = popValue()
return None
lower, upper = average(ratios) - UNION_STDEV_COEFF * deviation, average(ratios) + UNION_STDEV_COEFF * deviation
if min_ < lower:
retVal = minItem[0]