Added generic and mysql UNION tests from 1 to 25 columns.

Adapted config file and command line removing now outdated --union-test switch. Minor bug fix. Minor code refactoring. Got rid of some debug messages, standardized logging of UNION tests.
2025-12-06 20:51:31 +00:00 · 2011-01-11 22:56:21 +00:00
parent 300128042c
commit 2f5995a7eb
8 changed files with 208 additions and 71 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -235,7 +235,6 @@ def checkSqlInjection(place, parameter, value):
                # default) value
                # Parse boundary's <level>
                if boundary.level > conf.level:
-                    # NOTE: shall we report every single skipped boundary too?
                    continue

                # Skip boundary if it does not match against test's <clause>
@@ -377,9 +376,7 @@ def checkSqlInjection(place, parameter, value):

                        # In case of UNION query SQL injection
                        elif method == PAYLOAD.METHOD.UNION:
-                            conf.uChar = test.request.char
-                            conf.uCols = test.request.columns
-                            configUnion()
+                            configUnion(test.request.char, test.request.columns)

                            reqPayload, unionVector = unionTest(comment, place, parameter, value, prefix, suffix)