Changing 'is injectable' to 'seems to be injectable' for boolean and time-based blind injection cases - for false positive cases

This commit is contained in:
Miroslav Stampar 2014-02-09 17:50:16 +01:00
parent 8521265526
commit fe0ff6e679

View File

@ -390,7 +390,7 @@ def checkSqlInjection(place, parameter, value):
# Perform the test's False request # Perform the test's False request
if not falseResult: if not falseResult:
infoMsg = "%s parameter '%s' is '%s' injectable " % (place, parameter, title) infoMsg = "%s parameter '%s' seems to be '%s' injectable " % (place, parameter, title)
logger.info(infoMsg) logger.info(infoMsg)
injectable = True injectable = True
@ -445,7 +445,7 @@ def checkSqlInjection(place, parameter, value):
trueResult = Request.queryPage(reqPayload, place, timeBasedCompare=True, raise404=False) trueResult = Request.queryPage(reqPayload, place, timeBasedCompare=True, raise404=False)
if trueResult: if trueResult:
infoMsg = "%s parameter '%s' is '%s' injectable " % (place, parameter, title) infoMsg = "%s parameter '%s' seems to be '%s' injectable " % (place, parameter, title)
logger.info(infoMsg) logger.info(infoMsg)
injectable = True injectable = True