sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-23 01:56:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix for all that stable, dynamic mambo jambo :)

Browse Source
This commit is contained in:
Miroslav Stampar 2010-11-04 16:44:34 +00:00
parent f1f7e0bfe0
commit e1cec8c02b
5 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
lib/controller/checks.py
View File

@ -52,6 +52,9 @@ def checkSqlInjection(place, parameter, value, parenthesis):
randStr = randomStr() randStr = randomStr()
prefix = "" prefix = ""
postfix = "" postfix = ""
retVal = None
conf.matchRatio = None
if conf.prefix or conf.postfix: if conf.prefix or conf.postfix:
if conf.prefix: if conf.prefix:
@ -87,9 +90,12 @@ def checkSqlInjection(place, parameter, value, parenthesis):
if conf.beep: if conf.beep:
beep() beep()
return case.name retVal = case.name
break
return None kb.paramMatchRatio[(place, parameter)] = conf.matchRatio
return retVal
def heuristicCheckSqlInjection(place, parameter, value): def heuristicCheckSqlInjection(place, parameter, value):
prefix = "" prefix = ""

3
lib/controller/controller.py
View File

@ -30,6 +30,7 @@ from lib.core.exception import sqlmapNotVulnerableException
from lib.core.exception import sqlmapSilentQuitException from lib.core.exception import sqlmapSilentQuitException
from lib.core.exception import sqlmapUserQuitException from lib.core.exception import sqlmapUserQuitException
from lib.core.session import setInjection from lib.core.session import setInjection
from lib.core.session import setMatchRatio
from lib.core.target import initTargetEnv from lib.core.target import initTargetEnv
from lib.core.target import setupTargetEnv from lib.core.target import setupTargetEnv
from lib.core.target import findPageForms from lib.core.target import findPageForms
@ -290,6 +291,8 @@ def start():
condition = True condition = True
if condition: if condition:
conf.matchRatio = kb.paramMatchRatio[(kb.injPlace, kb.injParameter)]
setMatchRatio()
checkForParenthesis() checkForParenthesis()
action() action()

1
lib/core/option.py
View File

@ -1098,6 +1098,7 @@ def __setKnowledgeBaseAttributes():
kb.osSP = None kb.osSP = None
kb.pageStable = None kb.pageStable = None
kb.paramMatchRatio = {}
kb.parenthesis = None kb.parenthesis = None
kb.partRun = None kb.partRun = None
kb.proxyAuthHeader = None kb.proxyAuthHeader = None

1
lib/core/target.py
View File

@ -300,6 +300,7 @@ def initTargetEnv():
kb.nullConnection = None kb.nullConnection = None
kb.pageStable = None kb.pageStable = None
kb.parenthesis = None kb.parenthesis = None
kb.paramMatchRatio = {}
kb.proxyAuthHeader = None kb.proxyAuthHeader = None
kb.stackedTest = None kb.stackedTest = None
kb.timeTest = None kb.timeTest = None

4
lib/request/comparison.py
View File

@ -15,7 +15,6 @@ from lib.core.common import wasLastRequestError
from lib.core.data import conf from lib.core.data import conf
from lib.core.data import kb from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
from lib.core.session import setMatchRatio
def comparison(page, headers=None, getSeqMatcher=False, pageLength=None): def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
if page is None and pageLength is None: if page is None and pageLength is None:
@ -94,9 +93,6 @@ def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
logger.debug("setting match ratio to default value 0.900") logger.debug("setting match ratio to default value 0.900")
conf.matchRatio = 0.900 conf.matchRatio = 0.900
if conf.matchRatio is not None:
setMatchRatio()
# If it has been requested to return the ratio and not a comparison # If it has been requested to return the ratio and not a comparison
# response # response
if getSeqMatcher: if getSeqMatcher: