diff --git a/lib/controller/controller.py b/lib/controller/controller.py index 072ab4f1f..304c9f6de 100644 --- a/lib/controller/controller.py +++ b/lib/controller/controller.py @@ -286,7 +286,7 @@ def start(): if (len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None)) \ and (kb.injection.place is None or kb.injection.parameter is None): - if not conf.string and not conf.regexp and not conf.eRegexp: + if not conf.string and not conf.regexp: # NOTE: this is not needed anymore, leaving only to display # a warning message to the user in case the page is not stable checkStability() diff --git a/lib/core/option.py b/lib/core/option.py index 1ee7f9932..4da52bdaa 100644 --- a/lib/core/option.py +++ b/lib/core/option.py @@ -1384,10 +1384,6 @@ def __basicOptionValidation(): errMsg = "value for --cpu-throttle (cpuThrottle) option must be in range [0,100]" raise sqlmapSyntaxException, errMsg - if conf.thold is not None and isinstance(conf.thold, float) and (conf.thold > 1 or conf.cpuThrottle < 0): - errMsg = "value for --threshold (thold) option must be in range [0,1]" - raise sqlmapSyntaxException, errMsg - if conf.textOnly and conf.nullConnection: errMsg = "switch --text-only is incompatible with switch --null-connection" raise sqlmapSyntaxException, errMsg diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py index dc8c3bb10..c52978865 100644 --- a/lib/core/optiondict.py +++ b/lib/core/optiondict.py @@ -67,9 +67,6 @@ optDict = { "risk": "integer", "string": "string", "regexp": "string", - "eString": "string", - "eRegexp": "string", - "thold": "float", "textOnly": "boolean" }, diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py index c10615cf3..aa082a877 100644 --- a/lib/parse/cmdline.py +++ b/lib/parse/cmdline.py @@ -201,17 +201,6 @@ def cmdLineParser(): help="Regexp to match in page when the " "query is valid") - detection.add_option("--excl-str", dest="eString", - help="String to be excluded before comparing " - "page contents") - - detection.add_option("--excl-reg", dest="eRegexp", - help="Matches to be excluded before " - "comparing page contents") - - detection.add_option("--threshold", dest="thold", type="float", - help="Page comparison threshold value (0.0-1.0)") - detection.add_option("--text-only", dest="textOnly", action="store_true", default=False, help="Compare pages based only on their textual content") diff --git a/lib/request/comparison.py b/lib/request/comparison.py index 328aaa22f..e3156bc7c 100644 --- a/lib/request/comparison.py +++ b/lib/request/comparison.py @@ -34,26 +34,6 @@ def comparison(page, getSeqMatcher=False, pageLength=None): seqMatcher.set_seq1(kb.pageTemplate) if page: - # String to be excluded before calculating page hash - if conf.eString and conf.eString in page: - index = page.index(conf.eString) - length = len(conf.eString) - pageWithoutString = page[:index] - pageWithoutString += page[index+length:] - page = pageWithoutString - - # Regular expression matches to be excluded before calculating page hash - if conf.eRegexp: - regExpResults = re.findall(conf.eRegexp, page, re.I | re.M) - - if regExpResults: - for regExpResult in regExpResults: - index = page.index(regExpResult) - length = len(regExpResult) - pageWithoutRegExp = page[:index] - pageWithoutRegExp += page[index+length:] - page = pageWithoutRegExp - # String to match in page when the query is valid if conf.string: return conf.string in page @@ -77,7 +57,7 @@ def comparison(page, getSeqMatcher=False, pageLength=None): if conf.textOnly: (seqMatcher.a, page) = map(getFilteredPageContent, (seqMatcher.a, page)) - if not conf.eRegexp and not conf.eString and kb.nullConnection and pageLength: + if kb.nullConnection and pageLength: ratio = 1. * pageLength / len(seqMatcher.a) if ratio > 1.: @@ -89,10 +69,7 @@ def comparison(page, getSeqMatcher=False, pageLength=None): # If the url is stable and we did not set yet the match ratio and the # current injected value changes the url page content if kb.matchRatio is None: - if conf.thold: - kb.matchRatio = conf.thold - - elif kb.pageStable and ratio >= LOWER_RATIO_BOUND and ratio <= UPPER_RATIO_BOUND: + if kb.pageStable and ratio >= LOWER_RATIO_BOUND and ratio <= UPPER_RATIO_BOUND: kb.matchRatio = ratio logger.debug("setting match ratio for current parameter to %.3f" % kb.matchRatio) @@ -112,7 +89,7 @@ def comparison(page, getSeqMatcher=False, pageLength=None): return None else: - if kb.matchRatio == CONSTANT_RATIO or conf.thold: + if kb.matchRatio == CONSTANT_RATIO: return ratio > kb.matchRatio else: return (ratio - kb.matchRatio) > DIFF_TOLERANCE diff --git a/sqlmap.conf b/sqlmap.conf index 387349237..e5af4e6e5 100644 --- a/sqlmap.conf +++ b/sqlmap.conf @@ -220,19 +220,6 @@ string = # (http://www.python.org/doc/2.5.2/lib/re-syntax.html) regexp = -# String to be excluded by the page content before comparing to the original page -eString = - -# Regular expression matches to be excluded by the page content before -# comparing to the original page -# Valid: regular expression with Python syntax -# (http://www.python.org/doc/2.5.2/lib/re-syntax.html) -eRegexp = - -# Page comparison threshold value. -# Valid: 0.0-1.0 -thold = - # Compare pages based only on their textual content # Valid: True or False textOnly = False