PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

more changes

Browse Source
This commit is contained in:
Miroslav Stampar
2010-10-07 15:34:17 +00:00
parent 440ff639bb
commit 18d27cabc5
5 changed files with 25 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/controller/checks.py
View File

@@ -54,6 +54,7 @@ def checkSqlInjection(place, parameter, value, parenthesis):
* Double quoted string injection
"""
logic = conf.logic
randInt = randomInt()
randStr = randomStr()
prefix = ""
@@ -73,7 +74,7 @@ def checkSqlInjection(place, parameter, value, parenthesis):
if not prefix and not postfix and case.name == "custom":
continue
infoMsg = "testing %s injection " % case.desc
infoMsg = "testing %s (%s) injection " % (case.desc, logic)
infoMsg += "on %s parameter '%s'" % (place, parameter)
logger.info(infoMsg)
@@ -86,7 +87,7 @@ def checkSqlInjection(place, parameter, value, parenthesis):
falseResult = Request.queryPage(payload, place)
if not falseResult:
infoMsg = "%s parameter '%s' is %s injectable " % (place, parameter, case.desc)
infoMsg = "%s parameter '%s' is %s (%s) injectable " % (place, parameter, case.desc, logic)
infoMsg += "with %d parenthesis" % parenthesis
logger.info(infoMsg)
return case.name