Implementing --skip-heuristics (#4414)

2025-02-03 05:04:11 +03:00 · 2020-11-09 22:11:11 +01:00 · 2020-11-09 22:11:11 +01:00 · c243c5fe0d
commit c243c5fe0d
parent a35fc713a2
5 changed files with 16 additions and 1 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -876,8 +876,12 @@ def heuristicCheckDbms(injection):
    to identify with a simple DBMS specific boolean-based test what the DBMS
    may be
    """
+
    retVal = False

+    if conf.skipHeuristics:
+        return retVal
+
    pushValue(kb.injection)
    kb.injection = injection

@ -1031,6 +1035,9 @@ def checkFilteredChars(injection):
    kb.injection = popValue()

 def heuristicCheckSqlInjection(place, parameter):
+    if conf.skipHeuristics:
+        return None
+
    if kb.heavilyDynamic:
        debugMsg = "heuristic check skipped because of heavy dynamicity"
        logger.debug(debugMsg)
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
@ -228,6 +228,7 @@ optDict = {
        "repair": "boolean",
        "saveConfig": "string",
        "scope": "string",
+        "skipHeuristics": "boolean",
        "skipWaf": "boolean",
        "testFilter": "string",
        "testSkip": "string",
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.4.11.3"
+VERSION = "1.4.11.4"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@ -700,6 +700,9 @@ def cmdLineParser(argv=None):
        general.add_argument("--scope", dest="scope",
            help="Regexp for filtering targets")

+        general.add_argument("--skip-heuristics", dest="skipHeuristics", action="store_true",
+            help="Skip heuristic detection of SQLi/XSS vulnerabilities")
+
        general.add_argument("--skip-waf", dest="skipWaf", action="store_true",
            help="Skip heuristic detection of WAF/IPS protection")

--- a/sqlmap.conf
+++ b/sqlmap.conf
@ -787,6 +787,10 @@ repair = False
 # Example: (google|yahoo)
 scope = 

+# Skip heuristic detection of SQLi/XSS vulnerabilities.
+# Valid: True or False
+skipHeuristics = False
+
 # Skip heuristic detection of WAF/IPS protection.
 # Valid: True or False
 skipWaf = False