sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-05-09 18:23:45 +03:00
Code Issues Packages Projects Releases Wiki Activity

turning back on time auto-adjustment mechanism (if turned off) after a threshold run of valid chars

Browse Source
This commit is contained in:
Miroslav Stampar 2012-05-26 07:00:26 +00:00
parent 00d22f013f
commit d335ec0c34
3 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lib/core/option.py
View File

@ -1512,6 +1512,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):
kb.testQueryCount = 0 kb.testQueryCount = 0
kb.threadContinue = True kb.threadContinue = True
kb.threadException = False kb.threadException = False
kb.timeValidCharsRun = 0
kb.uChar = NULL kb.uChar = NULL
kb.xpCmdshellAvailable = False kb.xpCmdshellAvailable = False

3
lib/core/settings.py
View File

@ -487,3 +487,6 @@ LARGE_CHUNK_TRIM_MARKER = "__TRIMMED_CONTENT__"
# Generic SQL comment formation # Generic SQL comment formation
GENERIC_SQL_COMMENT = "-- " GENERIC_SQL_COMMENT = "-- "
# Threshold value for turning back on time auto-adjustment mechanism
VALID_TIME_CHARS_RUN_THRESHOLD = 100

11
lib/techniques/blind/inference.py
View File

@ -43,6 +43,7 @@ from lib.core.settings import INFERENCE_EQUALS_CHAR
from lib.core.settings import INFERENCE_NOT_EQUALS_CHAR from lib.core.settings import INFERENCE_NOT_EQUALS_CHAR
from lib.core.settings import MAX_TIME_REVALIDATION_STEPS from lib.core.settings import MAX_TIME_REVALIDATION_STEPS
from lib.core.settings import PARTIAL_VALUE_MARKER from lib.core.settings import PARTIAL_VALUE_MARKER
from lib.core.settings import VALID_TIME_CHARS_RUN_THRESHOLD
from lib.core.threads import getCurrentThreadData from lib.core.threads import getCurrentThreadData
from lib.core.threads import runThreads from lib.core.threads import runThreads
from lib.core.unescaper import unescaper from lib.core.unescaper import unescaper
@ -282,13 +283,14 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
errMsg = "invalid character detected. retrying.." errMsg = "invalid character detected. retrying.."
logger.error(errMsg) logger.error(errMsg)
kb.timeValidCharsRun = 0
conf.timeSec += 1 conf.timeSec += 1
warnMsg = "increasing time delay to %d second%s " % (conf.timeSec, 's' if conf.timeSec > 1 else '') warnMsg = "increasing time delay to %d second%s " % (conf.timeSec, 's' if conf.timeSec > 1 else '')
logger.warn(warnMsg) logger.warn(warnMsg)
if kb.adjustTimeDelay: if kb.adjustTimeDelay:
dbgMsg = "turning off auto-adjustment mechanism" dbgMsg = "turning off time auto-adjustment mechanism"
logger.debug(dbgMsg) logger.debug(dbgMsg)
kb.adjustTimeDelay = False kb.adjustTimeDelay = False
@ -299,6 +301,13 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
conf.timeSec = kb.originalTimeDelay conf.timeSec = kb.originalTimeDelay
return decodeIntToUnicode(retVal) return decodeIntToUnicode(retVal)
else: else:
if timeBasedCompare:
kb.timeValidCharsRun += 1
if not kb.adjustTimeDelay and kb.timeValidCharsRun > VALID_TIME_CHARS_RUN_THRESHOLD:
dbgMsg = "turning on time auto-adjustment mechanism"
logger.debug(dbgMsg)
kb.adjustTimeDelay = True
return decodeIntToUnicode(retVal) return decodeIntToUnicode(retVal)
else: else:
return None return None