minor fix for some special "unusable" cases (seen on Access/ODBC/Linux setup)

Miroslav Stampar 2012-03-09 10:28:19 +00:00
parent 7330dff255
commit a0b46963cb


@ -540,26 +540,29 @@ def checkFalsePositives(injection):
infoMsg += "parameter '%s' is a false positive" % injection.parameter
logger.info(infoMsg)
def _():
return int(randomInt(2)) + 1
kb.injection = injection
randInt1, randInt2 = int(randomInt(2)) + 1, int(randomInt(2)) + 1
randInt1, randInt2, randInt3 = (_() for i in xrange(3))
# Just in case (also, they have to be different than 0 because of the last test)
while randInt1 == randInt2:
randInt2 = int(randomInt(2)) + 1
randInt2 = _()
# Simple arithmetic operations which should show basic
# arithmetic ability of the backend if it's really injectable
if not checkBooleanExpression("(%d+%d)=%d" % (randInt1, randInt2, randInt1 + randInt2)):
retVal = None
elif checkBooleanExpression("%d=%d" % (randInt1, randInt2)):
elif checkBooleanExpression("%d>(%d+%d)" % (min(randInt1, randInt2), randInt3, max(randInt1, randInt2))):
retVal = None
if not checkBooleanExpression("%d=(%d+%d)" % (randInt1 + randInt2, randInt1, randInt2)):
elif not checkBooleanExpression("%d=(%d+%d)" % (randInt1 + randInt2, randInt1, randInt2)):
retVal = None
elif checkBooleanExpression("%d=%d" % (randInt2, randInt1)):
elif checkBooleanExpression("(%d+%d)>%d" % (randInt3, min(randInt1, randInt2), randInt1 + randInt2 + randInt3)):
retVal = None
if retVal is None:
warnMsg = "false positive injection point detected"
warnMsg = "false positive and/or unexploitable injection point detected"
logger.warn(warnMsg)
kb.injection = popValue()
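Review bot: The comment above `while randInt1 == randInt2:` is stale, assuming the three-value lines are the new side (this page has lost its +/- markers). Neither of the new negative checks, `%d>(%d+%d)` and `(%d+%d)>%d`, compares randInt1 with randInt2 directly. Both are false for any operands >= 1 whether or not the two values are equal, so the loop looks like a leftover from the removed `%d=%d` tests. What the checks actually rely on is the `+ 1` in the helper keeping every operand positive, which deserves a comment such as `# all three values are >= 1, so both '>' expressions must evaluate to false on a backend that really does the arithmetic`. The helper name `_` and the unused `i` in `(_() for i in xrange(3))` also hide intent; a descriptive name (for example `_randomPositiveInt`) would read better. checkFalsePositives starts before this hunk, so how retVal is initialised and returned cannot be checked from here.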