PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-09 06:01:29 +00:00
Code Issues Projects Releases Wiki Activity

adding --invalid-bignum (Havij like bignum style for invalidating/negating values); renaming --logical-negate to --invalid-logical

Browse Source
This commit is contained in:
Miroslav Stampar
2012-04-25 20:29:07 +00:00
parent 4da03d898e
commit 6f67dc85ee
5 changed files with 38 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
lib/core/agent.py
View File

@@ -87,15 +87,17 @@ class Agent:
if where == PAYLOAD.WHERE.ORIGINAL:
value = origValue
elif where == PAYLOAD.WHERE.NEGATIVE:
if not conf.logicalNegate:
if conf.invalidLogical:
match = re.search(r'\A[^ ]+', newValue)
newValue = newValue[len(match.group() if match else ""):]
value = "%s%s AND %s=%s" % (origValue, match.group() if match else "", randomInt(2), randomInt(2))
elif conf.invalidBignum:
value = "%d.%d" % (randomInt(6), randomInt(1))
else:
if newValue.startswith("-"):
value = ""
else:
value = "-%s" % randomInt()
else:
match = re.search(r'\A[^ ]+', newValue)
newValue = newValue[len(match.group() if match else ""):]
value = "%s%s AND %s=%s" % (origValue, match.group() if match else "", randomInt(2), randomInt(2))
elif where == PAYLOAD.WHERE.REPLACE:
value = ""
else:

3
lib/core/optiondict.py
View File

@@ -63,9 +63,10 @@ optDict = {
"testParameter": "string",
"dbms": "string",
"os": "string",
"invalidBignum": "boolean",
"invalidLogical": "boolean",
"prefix": "string",
"suffix": "string",
"logicalNegate": "boolean",
"skip": "string",
"tamper": "string"
},