no more need for such a huge timeout because any timeout exceptions will now be considered as a successful time-based attack (previously we wanted to get back to the program, hence there was such a huge timeout)

2025-01-23 15:54:24 +03:00 · 2010-12-20 22:49:48 +00:00 · 2010-12-20 22:49:48 +00:00 · b34fe5c334
commit b34fe5c334
parent 8fd3e7ba1f
1 changed files with 0 additions and 10 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -330,13 +330,6 @@ def checkSqlInjection(place, parameter, value):
                        # In case of time-based blind or stacked queries
                        # SQL injections
                        elif method == PAYLOAD.METHOD.TIME:
-                            # Store old value of socket timeout
-                            pushValue(socket.getdefaulttimeout())
-
-                            # Set socket timeout to 2 minutes as some
-                            # time based checks can take awhile
-                            socket.setdefaulttimeout(120)
-
                            # Perform the test's request
                            trueResult = Request.queryPage(reqPayload, place, timeBasedCompare=True)

@ -350,9 +343,6 @@ def checkSqlInjection(place, parameter, value):

                                    injectable = True

-                            # Restore value of socket timeout
-                            socket.setdefaulttimeout(popValue())
-
                    # If the injection test was successful feed the injection
                    # object with the test's details
                    if injectable is True: