adding new switch '--smart' by request

2025-12-06 20:51:31 +00:00 · 2011-07-10 15:16:58 +00:00
parent 5d31eb5ef7
commit 0d6afca7db
4 changed files with 14 additions and 3 deletions
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -440,9 +440,11 @@ def start():
                        if testSqlInj:
                            check = heuristicCheckSqlInjection(place, parameter)

-                            if not check and conf.realTest and \
-                               not simpletonCheckSqlInjection(place, parameter, value):
-                                continue
+                            if not check:
+                                if conf.smart or conf.realTest and not simpletonCheckSqlInjection(place, parameter, value):
+                                    infoMsg = "skipping %s parameter '%s'" % (place, parameter)
+                                    logger.info(infoMsg)
+                                    continue

                            infoMsg = "testing sql injection on %s " % place
                            infoMsg += "parameter '%s'" % parameter