minor "statistical" update

2025-02-03 13:14:13 +03:00 · 2011-02-03 16:59:49 +00:00 · 2011-02-03 16:59:49 +00:00 · e5f54644f0
commit e5f54644f0
parent 3bd6e538f8
2 changed files with 8 additions and 0 deletions
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -232,3 +232,6 @@ SENSITIVE_DATA_REGEX = "\s(?P<result>[^\s]*%s[^\s]*)\s"
 # Maximum number of threads (avoiding connection issues and/or DoS)
 MAX_NUMBER_OF_THREADS = 10
 # Minimum range between minimum and maximum of statistical set
 MIN_STATISTICAL_RANGE = 0.01
--- a/lib/techniques/inband/union/test.py
+++ b/lib/techniques/inband/union/test.py
@ -31,6 +31,7 @@ from lib.core.enums import DBMS
 from lib.core.enums import PAYLOAD
 from lib.core.settings import FROM_TABLE
 from lib.core.settings import UNION_STDEV_COEFF
 from lib.core.settings import MIN_STATISTICAL_RANGE
 from lib.core.settings import MIN_UNION_RESPONSES
 from lib.core.unescaper import unescaper
 from lib.parse.html import htmlParser
@ -65,6 +66,10 @@ def __findUnionCharCount(comment, place, parameter, value, prefix, suffix, where
    ratios.pop(ratios.index(max_))
    deviation = stdev(ratios)
    if abs(max_ - min_) < MIN_STATISTICAL_RANGE:
        return None
    lower, upper = average(ratios) - UNION_STDEV_COEFF * deviation, average(ratios) + UNION_STDEV_COEFF * deviation
    minItem, maxItem = None, None