PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

improvement of heuristic check (now original value is included too)

Browse Source
This commit is contained in:
Miroslav Stampar
2010-11-12 23:06:01 +00:00
parent 06a872fc99
commit 84849316b3
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/controller/checks.py
View File

@@ -125,7 +125,7 @@ def heuristicCheckSqlInjection(place, parameter, value):
if conf.postfix:
postfix = conf.postfix
payload = "%s%s%s" % (prefix, randomStr(length=10, alphabet=['"', '\'', ')', '(']), postfix)
payload = "%s%s%s%s" % (value, prefix, randomStr(length=10, alphabet=['"', '\'', ')', '(']), postfix)
payload = agent.payload(place, parameter, value, payload)
Request.queryPage(payload, place, raise404=False)
result = wasLastRequestError()