PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

Minor patch and minor improvement

Browse Source
This commit is contained in:
Miroslav Stampar
2016-06-03 13:59:32 +02:00
parent cc313280af
commit c5197b99a0
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/controller/checks.py
View File

@@ -476,7 +476,7 @@ def checkSqlInjection(place, parameter, value):
injectable = True
if not injectable and not any((conf.string, conf.notString, conf.regexp)) and kb.pageStable:
if not any((conf.string, conf.notString, conf.regexp)) and kb.pageStable:
trueSet = set(extractTextTagContent(truePage))
trueSet = trueSet.union(__ for _ in trueSet for __ in _.split())
@@ -488,7 +488,7 @@ def checkSqlInjection(place, parameter, value):
if candidates:
candidates = sorted(candidates, key=lambda _: len(_))
for candidate in candidates:
if re.match(r"\A\w+\Z", candidate):
if re.match(r"\A\w+\Z", candidate) and candidate in truePage and candidate not in falsePage:
break
conf.string = candidate