PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 20:51:31 +00:00
Code Issues Projects Releases Wiki Activity

Ahead with the improvements to the comparison algorithm.

Browse Source 
Added support internally to forge CASE statements, used only by
--is-dba query at the moment.
Allow DDL, DML (INSERT, UPDATE, etc.) from user in SQL query and
SQL shell.
Minor code adjustments.
This commit is contained in:
Bernardo Damele
2008-12-19 20:09:46 +00:00
parent 68354be45a
commit ad228e6947
11 changed files with 132 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
lib/request/comparison.py
View File

@@ -68,15 +68,13 @@ def comparison(page, headers=None, content=False):
return False
# By default it returns the page content MD5 hash
if not conf.equalLines and not conf.contentLengths:
if not conf.equalLines and not conf.pageLengths:
return md5.new(page).hexdigest()
# TODO: go ahead from here
# Comparison algorithm based on Content-Length header value
elif conf.contentLengths:
minValue = conf.contentLengths[0] - 10
maxValue = conf.contentLengths[1] + 10
# Comparison algorithm based on page length value
elif conf.pageLengths:
minValue = conf.pageLengths[0]
maxValue = conf.pageLengths[1]
if len(page) >= minValue and len(page) <= maxValue:
return True