Implementation for an Issue #507

2025-12-06 12:41:30 +00:00 · 2013-08-13 18:55:23 +02:00
parent 4929cff0c0
commit 52a71546d0
2 changed files with 8 additions and 1 deletions
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -287,7 +287,13 @@ def start():
                if paramKey not in kb.testedParams:
                    testSqlInj = True

-            testSqlInj &= conf.hostname not in kb.vulnHosts
+            if testSqlInj and conf.hostname in kb.vulnHosts:
+                if kb.skipVulnHost is None:
+                    message = "vulnerability has already been detected "
+                    message += "against '%s'. Do you want to skip " % conf.hostname
+                    message += "further tests involving it? [Y/n]"
+                    kb.skipVulnHost = readInput(message, default="Y").upper() != 'N'
+                testSqlInj = not kb.skipVulnHost

            if not testSqlInj:
                infoMsg = "skipping '%s'" % targetUrl