PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 20:51:31 +00:00
Code Issues Projects Releases Wiki Activity

few reverts

Browse Source
This commit is contained in:
Miroslav Stampar
2011-02-06 22:10:28 +00:00
parent b9b2fe0e7c
commit 078a2207cc
3 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/controller/checks.py
View File

@@ -200,6 +200,7 @@ def checkSqlInjection(place, parameter, value):
# Parse test's <request>
comment = agent.getComment(test.request)
fstPayload = agent.cleanupPayload(test.request.payload, value)
fstPayload = unescaper.unescape(fstPayload, dbms=dbms)
for boundary in conf.boundaries:
injectable = False
@@ -286,6 +287,7 @@ def checkSqlInjection(place, parameter, value):
# In case of boolean-based blind SQL injection
if method == PAYLOAD.METHOD.COMPARISON:
sndPayload = agent.cleanupPayload(test.response.comparison, value)
sndPayload = unescaper.unescape(sndPayload, dbms=dbms)
# Forge response payload by prepending with
# boundary's prefix and appending the boundary's