added switch --logic-negative

2025-12-06 12:41:30 +00:00 · 2011-10-24 00:40:06 +00:00
parent 8bd3cfdc8e
commit 20ae1c2187
4 changed files with 18 additions and 4 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -289,7 +289,10 @@ def checkSqlInjection(place, parameter, value):
                        # Use different page template than the original
                        # one as we are changing parameters value, which
                        # will likely result in a different content
-                        origValue = "-%s" % randomInt()
+                        if not conf.logicNegative:
+                            origValue = "-%s" % randomInt()
+                        else:
+                            origValue = "%s AND %s=%s" % (origValue, randomInt(), randomInt())
                        templatePayload = agent.payload(place, parameter, newValue=origValue, where=where)
                    elif where == PAYLOAD.WHERE.REPLACE:
                        origValue = ""