PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

minor update of false positive check (in considerable amount of cases minus char is filtered/used for other means)

Browse Source
This commit is contained in:
Miroslav Stampar
2011-11-20 20:27:30 +00:00
parent 440b7efe55
commit 8c32b3653b
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/controller/checks.py
View File

@@ -556,9 +556,9 @@ def checkFalsePositives(injection):
retVal = None retVal = None
elif checkBooleanExpression("%d=%d" % (randInt1, randInt2)): elif checkBooleanExpression("%d=%d" % (randInt1, randInt2)):
retVal = None retVal = None
elif not checkBooleanExpression("%d=(%d-%d)" % (abs(randInt1 - randInt2), max(randInt1, randInt2), min(randInt1, randInt2))): if not checkBooleanExpression("%d=(%d+%d)" % (randInt1 + randInt2, randInt1, randInt2)):
retVal = None retVal = None
elif checkBooleanExpression("(%d+%d)=(%d-%d)" % (randInt1, randInt2, randInt1, randInt2)): elif checkBooleanExpression("%d=%d" % (randInt2, randInt1)):
retVal = None retVal = None
if retVal is None: if retVal is None: