helping dummy users

2025-01-24 00:04:23 +03:00 · 2011-05-24 17:15:25 +00:00 · 2011-05-24 17:15:25 +00:00 · bec2c04671
commit bec2c04671
parent a3466ff79c
2 changed files with 10 additions and 3 deletions
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@ -40,6 +40,7 @@ from lib.core.enums import HTTPMETHOD
 from lib.core.enums import PAYLOAD
 from lib.core.enums import PLACE
 from lib.core.exception import exceptionsTuple
+from lib.core.exception import sqlmapNoneDataException
 from lib.core.exception import sqlmapNotVulnerableException
 from lib.core.exception import sqlmapSilentQuitException
 from lib.core.exception import sqlmapValueException
@ -392,10 +393,12 @@ def start():
                        if not proceed:
                            break

-                        testSqlInj = True
+                        kb.vainRun = False

                        paramKey = (conf.hostname, conf.path, place, parameter)

+                        testSqlInj = True
+
                        if paramKey in kb.testedParams:
                            testSqlInj = False

@ -458,7 +461,11 @@ def start():
                                logger.warn(warnMsg)

            if len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None):
-                if not conf.realTest:
+                if kb.vainRun and not conf.multipleTargets:
+                    errMsg = "no testable parameter(s) found in the provided data "
+                    errMsg += "(e.g. GET parameter 'id' in 'www.site.com/index.php?id=1')"
+                    raise sqlmapNoneDataException, errMsg
+                elif not conf.realTest:
                    errMsg = "all parameters are not injectable."

                    if conf.level < 5 or conf.risk < 3:
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -1383,7 +1383,6 @@ def __setKnowledgeBaseAttributes(flushAll=True):
    kb.suppressSession = False
    kb.suppressResumeInfo = False
    kb.technique = None
-    kb.tested = []
    kb.testMode = False
    kb.testQueryCount = 0
    kb.threadContinue = True
@ -1406,6 +1405,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):
        kb.targetUrls = oset()
        kb.testedParams = set()
        kb.userAgents = None
+        kb.vainRun = True
        kb.wordlist = None

 def __useWizardInterface():