sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-07-30 10:00:02 +03:00
Code Issues Packages Projects Releases Wiki Activity

Improve FI heuristic logic

Browse Source
This commit is contained in:
Jenna Magius 2017-01-15 00:07:48 -07:00
parent 8b6603a9b6
commit 9e19c28a35
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/controller/checks.py
View File

@ -1005,11 +1005,10 @@ def heuristicCheckSqlInjection(place, parameter):
logger.info(infoMsg)
for match in re.finditer(FI_ERROR_REGEX, page or ""):
if randStr1.lower() in match.group(0).lower():
infoMsg = "heuristic (FI) test shows that %s parameter " % paramType
infoMsg += "'%s' might be vulnerable to file inclusion attacks" % parameter
logger.info(infoMsg)
break
infoMsg = "heuristic (FI) test shows that %s parameter " % paramType
infoMsg += "'%s' might be vulnerable to file inclusion attacks" % parameter
logger.info(infoMsg)
break
kb.heuristicMode = False