Improve FI heuristic logic

Jenna Magius 2017-01-15 00:07:48 -07:00
parent 8b6603a9b6
commit 9e19c28a35


@ -1005,7 +1005,6 @@ def heuristicCheckSqlInjection(place, parameter):
logger.info(infoMsg) logger.info(infoMsg)
for match in re.finditer(FI_ERROR_REGEX, page or ""): for match in re.finditer(FI_ERROR_REGEX, page or ""):
if randStr1.lower() in match.group(0).lower():
infoMsg = "heuristic (FI) test shows that %s parameter " % paramType infoMsg = "heuristic (FI) test shows that %s parameter " % paramType
infoMsg += "'%s' might be vulnerable to file inclusion attacks" % parameter infoMsg += "'%s' might be vulnerable to file inclusion attacks" % parameter
logger.info(infoMsg) logger.info(infoMsg)
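Review bot: With the `randStr1` check removed, the loop over `re.finditer(FI_ERROR_REGEX, page or "")` reports a possible file inclusion on any regex hit, so the finding is no longer tied to the value injected into this parameter. Unless FI_ERROR_REGEX (defined outside this hunk) already constrains what it matches, an error string that the page shows regardless of input would be flagged for every tested parameter, which makes the heuristic noisy for whoever triages the results. Consider keeping some correlation, for example counting only matches that are absent from the unmodified response, or at least documenting the trade-off above the loop: `# any FI_ERROR_REGEX hit counts; not correlated with the injected value, so pages that always show such errors will be flagged`. The rendering has lost indentation and heuristicCheckSqlInjection starts and ends outside the hunk, so whether the loop stops after the first hit cannot be confirmed here.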