PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 05:01:30 +00:00
Code Issues Projects Releases Wiki Activity

update regarding error parsing (and reporting)

Browse Source
This commit is contained in:
Miroslav Stampar
2010-11-16 10:42:42 +00:00
parent 71cb982039
commit 6ef3846400
6 changed files with 32 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/controller/checks.py
View File

@@ -20,7 +20,7 @@ from lib.core.common import randomInt
from lib.core.common import randomStr
from lib.core.common import readInput
from lib.core.common import showStaticWords
from lib.core.common import wasLastRequestError
from lib.core.common import wasLastRequestDBMSError
from lib.core.common import DynamicContentItem
from lib.core.data import conf
from lib.core.data import kb
@@ -128,7 +128,7 @@ def heuristicCheckSqlInjection(place, parameter, value):
payload = "%s%s%s%s" % (value, prefix, randomStr(length=10, alphabet=['"', '\'', ')', '(']), postfix)
payload = agent.payload(place, parameter, value, payload)
Request.queryPage(payload, place, raise404=False)
result = wasLastRequestError()
result = wasLastRequestDBMSError()
infoMsg = "(error based) heuristics shows that %s " % place
infoMsg += "parameter '%s' is " % parameter