From c18efe5084b6aabe78c2ced5ae2a8c3b25cc5602 Mon Sep 17 00:00:00 2001 From: Bernardo Damele Date: Sat, 20 Dec 2008 13:21:47 +0000 Subject: [PATCH] Minor adjustments --- lib/controller/checks.py | 2 ++ lib/core/settings.py | 54 ++++++++++++++++++--------------------- lib/request/comparison.py | 4 +-- 3 files changed, 29 insertions(+), 31 deletions(-) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index 9f4cc46e7..3050728c1 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -390,10 +390,12 @@ def checkConnection(): try: page, _ = Request.getPage() conf.seqMatcher.set_seq1(page) + except sqlmapConnectionException, exceptionMsg: if conf.multipleTargets: exceptionMsg += ", skipping to next url" logger.warn(exceptionMsg) + return False else: raise sqlmapConnectionException, exceptionMsg diff --git a/lib/core/settings.py b/lib/core/settings.py index 18a158303..c8f3dac87 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -68,44 +68,40 @@ SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIAS # TODO: port to command line/configuration file options? SECONDS = 5 RETRIES = 3 +MATCH_RATIO = 0.9 SQL_STATEMENTS = { "SQL SELECT statement": ( - "select ", - " from ", - " where ", - " group by ", - " order by ", - " having ", - " limit ", - " offset ", - " union all ", - " rownum ", - ), + "select ", + " from ", + " where ", + " group by ", + " order by ", + " having ", + " limit ", + " offset ", + " union all ", + " rownum ", ), "SQL data definition": ( - "create ", - "drop ", - "truncate ", - "alter ", - ), + "create ", + "drop ", + "truncate ", + "alter ", ), "SQL data manipulation": ( - "insert ", - "update ", - "delete ", - "merge ", - ), + "insert ", + "update ", + "delete ", + "merge ", ), "SQL data control": ( - "grant ", - ), + "grant ", ), "SQL transaction": ( - "start transaction ", - "begin work ", - "begin transaction ", - "commit ", - "rollback ", - ), + "start transaction ", + "begin work ", + "begin transaction ", + "commit ", + "rollback ", ), } diff --git a/lib/request/comparison.py b/lib/request/comparison.py index f4aed15f0..a42542bf4 100644 --- a/lib/request/comparison.py +++ b/lib/request/comparison.py @@ -24,10 +24,10 @@ Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -import md5 import re from lib.core.data import conf +from lib.core.settings import MATCH_RATIO def comparison(page, headers=None, getSeqMatcher=False): @@ -74,7 +74,7 @@ def comparison(page, headers=None, getSeqMatcher=False): if getSeqMatcher: return round(conf.seqMatcher.ratio(), 5) - elif round(conf.seqMatcher.ratio(), 5) > 0.9: + elif round(conf.seqMatcher.ratio(), 5) >= MATCH_RATIO: return True else: