unfix

lib/controller/checks.py

@@ -80,7 +80,6 @@ def checkSqlInjection(place, parameter, value):
             if kb.endDetection:
                 break
 
-            proceed = True
             title = test.title
             stype = test.stype
             clause = test.clause
@@ -103,6 +102,7 @@ def checkSqlInjection(place, parameter, value):
                     else:
                         title = title.replace("[COLSTART]", str(conf.uColsStart))
                         title = title.replace("[COLSTOP]", str(conf.uColsStop))
+
                 elif conf.uCols is not None:
                     debugMsg = "skipping test '%s' because the user " % title
                     debugMsg += "provided custom column range %s" % conf.uCols
@@ -211,17 +211,6 @@ def checkSqlInjection(place, parameter, value):
                 logger.debug(debugMsg)
                 continue
 
-            if len(kb.tested) > 0 and stype in kb.tested:
-                debugMsg = "skipping test '%s' because this " % title
-                debugMsg += "technique has already been detected "
-                debugMsg += "in a previous run"
-                logger.debug(debugMsg)
-
-                proceed = False
-
-            if not proceed:
-                continue
-
             infoMsg = "testing '%s'" % title
             logger.info(infoMsg)
 

lib/controller/controller.py

@@ -43,7 +43,6 @@ from lib.core.exception import sqlmapSilentQuitException
 from lib.core.exception import sqlmapValueException
 from lib.core.exception import sqlmapUserQuitException
 from lib.core.session import setInjection
-from lib.core.session import setTestedTechniques
 from lib.core.settings import EMPTY_FORM_FIELDS_REGEX
 from lib.core.settings import IGNORE_PARAMETERS
 from lib.core.settings import REFERER_ALIASES
@@ -198,7 +197,6 @@ def start():
             initTargetEnv()
             parseTargetUrl()
 
-            proceed = False
             testSqlInj = False
 
             if PLACE.GET in conf.parameters:
@@ -319,15 +317,9 @@ def start():
                             # TODO: consider the following line in __setRequestParams()
                             # __testableParameters = True
 
-            if len(kb.tested) > 0:
-                for t in conf.tech:
-                    if t not in kb.tested:
-                        proceed = True
-                        break
-            else:
-                proceed = True
+            if (len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None)) \
+                and (kb.injection.place is None or kb.injection.parameter is None):
 
-            if proceed:
                 if not conf.string and not conf.regexp:
                     # NOTE: this is not needed anymore, leaving only to display
                     # a warning message to the user in case the page is not stable
@@ -435,8 +427,6 @@ def start():
                                 warnMsg += "injectable"
                                 logger.warn(warnMsg)
 
-            setTestedTechniques()
-
             if len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None):
                 if not conf.realTest:
                     errMsg = "all parameters are not injectable."
@@ -457,8 +447,8 @@ def start():
 
                     if not conf.string and not conf.regexp:
                         errMsg += " Rerun by providing either a valid --string "
-                        errMsg += "or a valid --regexp (refer to the user's "
-                        errMsg += "manual for details)"
+                        errMsg += "or a valid --regexp, refer to the user's "
+                        errMsg += "manual for details"
                     elif conf.string:
                         errMsg += " Rerun by providing a valid --string, perhaps "
                         errMsg += "the string that you have choosen does not match "