PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 21:21:33 +00:00
Code Issues Projects Releases Wiki Activity

Another minor update

Browse Source
This commit is contained in:
Miroslav Stampar
2014-08-20 01:59:30 +02:00
parent d08c1b7c04
commit 6795b51c7e
1 changed files with 15 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/controller/checks.py
View File

@@ -741,6 +741,8 @@ def checkFilteredChars(injection):
kb.injection = injection kb.injection = injection
randInt = randomInt() randInt = randomInt()
# all other techniques are already using parentheses in tests
if len(injection.data) == 1 and PAYLOAD.TECHNIQUE.BOOLEAN in injection.data:
if not checkBooleanExpression("(%d)=%d" % (randInt, randInt)): if not checkBooleanExpression("(%d)=%d" % (randInt, randInt)):
warnMsg = "it appears that some non-alphanumeric characters (i.e. ()) are " warnMsg = "it appears that some non-alphanumeric characters (i.e. ()) are "
warnMsg += "filtered by the back-end server. There is a strong " warnMsg += "filtered by the back-end server. There is a strong "
@@ -748,6 +750,8 @@ def checkFilteredChars(injection):
warnMsg += "exploit this vulnerability" warnMsg += "exploit this vulnerability"
logger.critical(warnMsg) logger.critical(warnMsg)
# inference techniques depend on character '>'
if not any(_ in injection.data for _ in (PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.QUERY)):
if not checkBooleanExpression("%d>%d" % (randInt+1, randInt)): if not checkBooleanExpression("%d>%d" % (randInt+1, randInt)):
warnMsg = "it appears that the character '>' is " warnMsg = "it appears that the character '>' is "
warnMsg += "filtered by the back-end server. You are strongly " warnMsg += "filtered by the back-end server. You are strongly "