PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 04:31:30 +00:00
Code Issues Projects Releases Wiki Activity

Fixes #5232

Browse Source
This commit is contained in:
Miroslav Stampar
2022-11-21 00:37:48 +01:00
parent 55b2b43f0e
commit b8fa0edea6
3 changed files with 17 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
lib/controller/checks.py
View File

@@ -10,7 +10,6 @@ import logging
import random
import re
import socket
import subprocess
import time
from extra.beep.beep import beep
@@ -783,22 +782,8 @@ def checkSqlInjection(place, parameter, value):
injection.conf.regexp = conf.regexp
injection.conf.optimize = conf.optimize
if not kb.alerted:
if conf.beep:
beep()
if conf.alert:
infoMsg = "executing alerting shell command(s) ('%s')" % conf.alert
logger.info(infoMsg)
try:
process = subprocess.Popen(conf.alert, shell=True)
process.wait()
except Exception as ex:
errMsg = "error occurred while executing '%s' ('%s')" % (conf.alert, getSafeExString(ex))
logger.error(errMsg)
kb.alerted = True
if conf.beep:
beep()
# There is no need to perform this test for other
# <where> tags
@@ -859,10 +844,8 @@ def checkSqlInjection(place, parameter, value):
if not checkFalsePositives(injection):
if conf.hostname in kb.vulnHosts:
kb.vulnHosts.remove(conf.hostname)
if NOTE.FALSE_POSITIVE_OR_UNEXPLOITABLE not in injection.notes:
injection.notes.append(NOTE.FALSE_POSITIVE_OR_UNEXPLOITABLE)
else:
injection = None