sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

minor fixes

Browse Source
This commit is contained in:
Miroslav Stampar 2012-04-11 21:36:37 +00:00
parent 627bfc589f
commit b45ae10da4
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/controller/checks.py
View File

@ -349,7 +349,7 @@ def checkSqlInjection(place, parameter, value):
if not injectable and not conf.string: if not injectable and not conf.string:
trueSet = set(extractTextTagContent(truePage)) trueSet = set(extractTextTagContent(truePage))
falseSet = set(extractTextTagContent(falsePage)) falseSet = set(extractTextTagContent(falsePage))
candidate = reduce(lambda x, y: x or (y.strip() if y.strip() in (kb.pageTemplate or "") else None), (trueSet - falseSet), None) candidate = reduce(lambda x, y: x or (y.strip() if y.strip() in (kb.pageTemplate or "") and y.strip() not in falsePage else None), (trueSet - falseSet), None)
if candidate: if candidate:
conf.string = candidate conf.string = candidate
infoMsg = "%s parameter '%s' seems to be '%s' injectable (with --string=%s)" % (place, parameter, title, repr(candidate).lstrip('u')) infoMsg = "%s parameter '%s' seems to be '%s' injectable (with --string=%s)" % (place, parameter, title, repr(candidate).lstrip('u'))

4
lib/core/common.py
View File

@ -2161,8 +2161,8 @@ def extractTextTagContent(page):
Returns list containing content from "textual" tags Returns list containing content from "textual" tags
""" """
page = re.sub(r"(?si)[^\s]*%s[^<]*" % REFLECTED_VALUE_MARKER, "", page or "") page = re.sub(r"(?si)[^\s>]*%s[^<]*" % REFLECTED_VALUE_MARKER, "", page or "")
return [_.group('result') for _ in re.finditer(TEXT_TAG_REGEX, page)] return filter(None, (_.group('result').strip() for _ in re.finditer(TEXT_TAG_REGEX, page)))
def trimAlphaNum(value): def trimAlphaNum(value):
""" """