diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 5be5dde24..2c4272323 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -22,7 +22,6 @@ from lib.core.common import randomStr
 from lib.core.common import readInput
 from lib.core.common import showStaticWords
 from lib.core.common import DynamicContentItem
-from lib.core.convert import md5hash
 from lib.core.convert import urlencode
 from lib.core.data import conf
 from lib.core.data import kb
@@ -202,11 +201,10 @@ def checkStability():
 time.sleep(1)
 secondPage, _ = Request.queryPage(content=True)
- condition = (firstPage == secondPage)
+ kb.pageStable = (firstPage == secondPage)
- if condition:
+ if kb.pageStable:
 if firstPage:
- conf.md5hash = md5hash(firstPage)
 logMsg = "url is stable"
 logger.info(logMsg)
 else:
@@ -216,7 +214,7 @@ def checkStability():
 errMsg += "using higher verbosity levels"
 raise sqlmapNoneDataException, errMsg
- elif not condition:
+ else:
 warnMsg = "url is not stable, sqlmap will base the page "
 warnMsg += "comparison on a sequence matcher. If no dynamic nor "
 warnMsg += "injectable parameters are detected, or in case of "
@@ -253,7 +251,7 @@ def checkStability():
 else:
 checkDynamicContent(firstPage, secondPage)
- return condition
+ return kb.pageStable
 def checkString():
 if not conf.string:
diff --git a/lib/core/option.py b/lib/core/option.py
index 4b569a1fb..0f4f9f188 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -1014,7 +1014,6 @@ def __setConfAttributes():
 conf.loggedToOut = None
 conf.logic = "AND"
 conf.matchRatio = None
- conf.md5hash = None
 conf.multipleTargets = False
 conf.outputPath = None
 conf.paramDict = {}
@@ -1083,6 +1082,7 @@ def __setKnowledgeBaseAttributes():
 kb.osVersion = None
 kb.osSP = None
+ kb.pageStable = None
 kb.parenthesis = None
 kb.partRun = None
 kb.proxyAuthHeader = None
diff --git a/lib/core/target.py b/lib/core/target.py
index 061f5d4b5..7298cf1a1 100644
--- a/lib/core/target.py
+++ b/lib/core/target.py
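Review bot: In lib/controller/checks.py, checkStability() now stores `kb.pageStable = (firstPage == secondPage)` before the empty-page check, so two identical empty responses leave the flag at True on the branch that, judging by the `raise sqlmapNoneDataException, errMsg` visible in the next hunk, aborts with an error. The removed code recorded `conf.md5hash` only once `firstPage` was non-empty, so this is a small change in what state survives that error path. If any caller catches the exception and keeps using `kb`, comparison() would treat the page as stable; resetting before the raise, `kb.pageStable = None`, keeps the old behaviour. The function starts and ends outside the hunk and the else branch is only partly visible, so the raise being in that branch is inferred.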
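Review bot: In lib/core/option.py, `kb.pageStable = None` in __setKnowledgeBaseAttributes() introduces a three-state flag whose meaning is not written down in any visible hunk: None until checkStability() has run, then True or False. comparison() tests it by plain truthiness (`kb.pageStable` and `not kb.pageStable`), so None is handled the same as an unstable page. A one-line comment would make that explicit, for example `# None = stability not checked yet (treated as unstable); True/False set by checkStability()`. The same initialisation is repeated in initTargetEnv() in lib/core/target.py, so the comment applies there as well.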
@@ -298,10 +298,11 @@ def initTargetEnv():
 kb.injPlace = None
 kb.injType = None
 kb.nullConnection = None
+ kb.pageStable = None
 kb.parenthesis = None
 kb.proxyAuthHeader = None
 kb.stackedTest = None
- kb.timeTest = None
+ kb.timeTest = None
 kb.unionComment = ""
 kb.unionCount = None
 kb.unionPosition = None
diff --git a/lib/request/comparison.py b/lib/request/comparison.py
index d2635a9fc..afc9330c1 100644
--- a/lib/request/comparison.py
+++ b/lib/request/comparison.py
@@ -77,11 +77,11 @@ def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
 if conf.thold:
 conf.matchRatio = conf.thold
- elif conf.md5hash is not None and ratio > 0.6 and ratio < 1:
+ elif kb.pageStable and ratio > 0.6 and ratio < 1:
 logger.debug("setting match ratio to %.3f" % ratio)
 conf.matchRatio = ratio
- elif conf.md5hash is None or ( conf.md5hash is not None and ratio < 0.6 ):
+ elif not kb.pageStable or ( kb.pageStable and ratio < 0.6 ):
 logger.debug("setting match ratio to default value 0.900")
 conf.matchRatio = 0.900
@@ -93,13 +93,6 @@ def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
 if getSeqMatcher:
 return ratio
- # If the url is stable it returns True if the page has the same MD5
- # hash of the original one
- # NOTE: old implementation, it did not handle automatically the fact
- # that the url could be not stable (due to VIEWSTATE, counter, etc.)
- #elif conf.md5hash is not None:
- # return conf.md5hash == md5hash(page)
-
 # In case of an DBMS error page return False
 elif conf.errorComparison and kb.lastErrorPage and kb.lastErrorPage[0]==kb.lastRequestUID:
 return False
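Review bot: In lib/request/comparison.py, the second rewritten condition in comparison(), `elif not kb.pageStable or ( kb.pageStable and ratio < 0.6 ):`, carries over a redundant test and a boundary gap from the md5hash version. `not A or (A and B)` is equivalent to `not A or B`, and with a stable page a ratio of exactly 0.6 or exactly 1 matches neither `elif`, so this chain leaves `conf.matchRatio` untouched in those cases. If the default is meant to cover everything at or below the cut-off, `elif not kb.pageStable or ratio <= 0.6:` says so directly; if skipping ratio == 1 is deliberate, a short comment stating that would help. The enclosing block starts above the hunk, so whether an outer guard copes with an unset matchRatio cannot be seen here.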