Patch for cases when error page looks more like original, than the False one does

2025-12-06 12:41:30 +00:00 · 2016-05-30 16:46:23 +02:00
parent b965e5bf1c
commit 229d3a7dd0
4 changed files with 13 additions and 5 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -79,6 +79,7 @@ from lib.core.settings import URI_HTTP_HEADER
 from lib.core.settings import UPPER_RATIO_BOUND
 from lib.core.threads import getCurrentThreadData
 from lib.request.connect import Connect as Request
+from lib.request.comparison import comparison
 from lib.request.inject import checkBooleanExpression
 from lib.request.templates import getPageTemplate
 from lib.techniques.union.test import unionTest
@@ -464,6 +465,11 @@ def checkSqlInjection(place, parameter, value):
                                        errorResult = Request.queryPage(errorPayload, place, raise404=False)
                                        if errorResult:
                                            continue
+                                    elif not any((conf.string, conf.notString, conf.regexp, conf.code, kb.nullConnection)):
+                                        _ = comparison(kb.heuristicPage, None, getRatioValue=True)
+                                        if _ > kb.matchRatio:
+                                            kb.matchRatio = _
+                                            logger.debug("adjusting match ratio for current parameter to %.3f" % kb.matchRatio)

                                    infoMsg = "%s parameter '%s' appears to be '%s' injectable " % (paramType, parameter, title)
                                    logger.info(infoMsg)
@@ -899,6 +905,7 @@ def heuristicCheckSqlInjection(place, parameter):
    payload = agent.payload(place, parameter, newValue=payload)
    page, _ = Request.queryPage(payload, place, content=True, raise404=False)

+    kb.heuristicPage = page
    kb.heuristicMode = False

    parseFilePaths(page)