some updates

This commit is contained in:
Miroslav Stampar 2010-12-04 15:47:02 +00:00
parent 3f9450b9dc
commit 9e5f933ace
4 changed files with 23 additions and 3 deletions


@ -17,6 +17,8 @@ from lib.core.agent import agent
from lib.core.common import beep from lib.core.common import beep
from lib.core.common import calculateDeltaSeconds from lib.core.common import calculateDeltaSeconds
from lib.core.common import getUnicode from lib.core.common import getUnicode
from lib.core.common import popValue
from lib.core.common import pushValue
from lib.core.common import randomInt from lib.core.common import randomInt
from lib.core.common import randomStr from lib.core.common import randomStr
from lib.core.common import readInput from lib.core.common import readInput
@ -92,6 +94,9 @@ def checkSqlInjection(place, parameter, value):
# successfully inject # successfully inject
injection = injectionDict() injection = injectionDict()
# Clear cookies after each query page attempt
kb.flushCookies = True
for test in conf.tests: for test in conf.tests:
title = test.title title = test.title
stype = test.stype stype = test.stype
@ -259,6 +264,10 @@ def checkSqlInjection(place, parameter, value):
origValue = value origValue = value
elif where == 2: elif where == 2:
origValue = "-%s" % randomInt() origValue = "-%s" % randomInt()
# Save old page template and replace with new one
pushValue(kb.pageTemplate)
kb.pageTemplate = Request.queryPage(agent.payload(place, parameter, value, origValue), place, content=True)[0]
elif where == 3: elif where == 3:
origValue = "" origValue = ""
@ -347,6 +356,10 @@ def checkSqlInjection(place, parameter, value):
injectable = True injectable = True
# Restore page template
if where == 2:
kb.pageTemplate = popValue()
# If the injection test was successful feed the injection # If the injection test was successful feed the injection
# object with the test's details # object with the test's details
if injectable is True: if injectable is True:
@ -400,6 +413,9 @@ def checkSqlInjection(place, parameter, value):
# boundaries # boundaries
break break
# Flush the flag
kb.flushCookies = False
# Return the injection object # Return the injection object
if injection.place is not None and injection.parameter is not None: if injection.place is not None and injection.parameter is not None:
return injection return injection
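Review bot: The `pushValue(kb.pageTemplate)` in the `where == 2` branch (third hunk) and the matching `kb.pageTemplate = popValue()` (fourth hunk) are only balanced if every path between them reaches the restore; any `continue`, early `break` or exception raised by the test's requests in that stretch would leave the pushed value on the stack and kb.pageTemplate pointing at the `-<randomInt>` page for all later tests and comparisons. I cannot see that stretch, so this is inferred; restoring in a `finally` block (guarded by `where == 2`) around the request section would make it robust. The same pattern applies to `kb.flushCookies = True` (second hunk): it is reset only on normal completion of the `for test in conf.tests` loop (last hunk), so an exception out of the loop leaves every later Request.queryPage call clearing conf.cj for the rest of the run — a `try:` before the loop with `finally: kb.flushCookies = False` would cover it. checkSqlInjection starts before the first hunk and its body is cut across all five hunks.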


@ -1117,6 +1117,7 @@ def __setKnowledgeBaseAttributes():
kb.cache.content = {} kb.cache.content = {}
kb.cache.regex = {} kb.cache.regex = {}
kb.flushCookies = False
kb.commonOutputs = None kb.commonOutputs = None
kb.data = advancedDict() kb.data = advancedDict()


@ -407,6 +407,9 @@ class Connect:
if conf.textOnly: if conf.textOnly:
page = getFilteredPageContent(page) page = getFilteredPageContent(page)
if kb.flushCookies and conf.cj:
conf.cj.clear()
if content or response: if content or response:
return page, headers return page, headers
elif getSeqMatcher: elif getSeqMatcher:
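Review bot: `conf.cj.clear()` empties the whole cookie jar, not only the cookies the current response set, so while kb.flushCookies is True (it is raised in checkSqlInjection for the duration of its test loop) any cookies already present in conf.cj before testing started — presumably a session obtained earlier, if the jar is populated that way; confirm against the callers — are discarded as well, and nothing in the hunk explains why a page-retrieval method mutates shared session state. A comment such as `# While injection testing runs, drop cookies set by this response so one payload's session state does not leak into the next test (flag raised in checkSqlInjection)` would make the intent clear to the next reader. The enclosing method of Connect starts outside the hunk, so I cannot tell whether earlier return paths bypass this clear.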


@ -416,12 +416,12 @@ Formats:
<level>4</level> <level>4</level>
<risk>3</risk> <risk>3</risk>
<clause>1</clause> <clause>1</clause>
<where>1</where> <where>2</where>
<request> <request>
<payload>OR [RANDNUM]=[RANDNUM]</payload> <payload>OR [RANDNUM]=[RANDNUM1]</payload>
</request> </request>
<response> <response>
<comparison>OR [RANDNUM]=[RANDNUM1]</comparison> <comparison>OR [RANDNUM]=[RANDNUM]</comparison>
</response> </response>
</test> </test>