sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-18 12:30:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

minor update (tainted values are not checked any more in multipleTargets mode)

Browse Source
This commit is contained in:
Miroslav Stampar 2012-05-25 09:52:17 +00:00
parent dc20bff1d0
commit db526bdbc0
1 changed files with 14 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lib/core/common.py
View File

@ -539,6 +539,7 @@ def paramToDict(place, parameters=None):
if condition: if condition:
testableParameters[parameter] = "=".join(elem[1:]) testableParameters[parameter] = "=".join(elem[1:])
if not conf.multipleTargets:
if testableParameters[parameter].strip(DUMMY_SQL_INJECTION_CHARS) != testableParameters[parameter]\ if testableParameters[parameter].strip(DUMMY_SQL_INJECTION_CHARS) != testableParameters[parameter]\
or re.search(r'\A9{3,}', testableParameters[parameter]) or re.search(DUMMY_USER_INJECTION, testableParameters[parameter]): or re.search(r'\A9{3,}', testableParameters[parameter]) or re.search(DUMMY_USER_INJECTION, testableParameters[parameter]):
warnMsg = "it appears that you have provided tainted parameter values " warnMsg = "it appears that you have provided tainted parameter values "