sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-03-14 15:14:31 +03:00
Code Issues Packages Projects Releases Wiki Activity

some DBMSes (MS Access for example) don't play well with a simple query suffix OR 1>2 which should represent NOP one

Browse Source
This commit is contained in:
Miroslav Stampar 2011-01-03 10:37:20 +00:00
parent 5860b8942f
commit adc41181e6
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/controller/checks.py
View File

@ -495,9 +495,9 @@ def simpletonCheckSqlInjection(place, parameter, value):
randStr = randomStr()
if value.isdigit():
payload = "%s OR %d>%d" % (value, randInt, randInt+1)
payload = "%s AND %d=%d" % (value, randInt, randInt)
else:
payload = "%s' OR '%s'!='%s" % (value, randStr, randStr)
payload = "%s' AND '%s'='%s" % (value, randStr, randStr)
payload = agent.payload(place, parameter, value, payload)
firstPage, _ = Request.queryPage(payload, place, content=True, raise404=False)
@ -505,9 +505,9 @@ def simpletonCheckSqlInjection(place, parameter, value):
if not (wasLastRequestDBMSError() or wasLastRequestHTTPError()):
if getComparePageRatio(kb.originalPage, firstPage, filtered=True) > CONSTANT_RATIO:
if value.isdigit():
payload = "%s AND %d>%d" % (value, randInt, randInt+1)
payload = "%s AND %d=%d" % (value, randInt, randInt+1)
else:
payload = "%s' AND '%s'!='%s" % (value, randStr, randStr)
payload = "%s' AND '%s'='%s" % (value, randStr, randomStr())
payload = agent.payload(place, parameter, value, payload)
secondPage, _ = Request.queryPage(payload, place, content=True, raise404=False)