sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-17 03:50:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

minor cosmetics

Browse Source
This commit is contained in:
Miroslav Stampar 2012-04-10 21:57:00 +00:00
parent 119eec3598
commit a82206cec4
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/controller/checks.py
View File

@ -345,14 +345,16 @@ def checkSqlInjection(place, parameter, value):
logger.info(infoMsg) logger.info(infoMsg)
injectable = True injectable = True
else:
elif not conf.string:
trueSet = set(extractTextTagContent(truePage)) trueSet = set(extractTextTagContent(truePage))
falseSet = set(extractTextTagContent(falsePage)) falseSet = set(extractTextTagContent(falsePage))
candidate = reduce(lambda x, y: x or (y.strip() if y.strip() in (kb.pageTemplate or "") else None), (trueSet - falseSet), None) candidate = reduce(lambda x, y: x or (y.strip() if y.strip() in (kb.pageTemplate or "") else None), (trueSet - falseSet), None)
if candidate: if candidate:
conf.string = candidate conf.string = candidate
infoMsg = "%s parameter '%s' is '%s' injectable (with --string='%s')" % (place, parameter, title, candidate) infoMsg = "%s parameter '%s' seems to be '%s' injectable (with --string=%s)" % (place, parameter, title, repr(candidate).lstrip('u'))
logger.info(infoMsg) logger.info(infoMsg)
injectable = True injectable = True
# In case of error-based SQL injection # In case of error-based SQL injection