PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

Minor update for an Issue #49

Browse Source
This commit is contained in:
Miroslav Stampar
2012-10-04 18:01:42 +02:00
parent 84b05e2d18
commit d464678e10
4 changed files with 16 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/core/agent.py
View File

@@ -13,6 +13,7 @@ from lib.core.common import Backend
from lib.core.common import extractRegexResult
from lib.core.common import getSQLSnippet
from lib.core.common import isDBMSVersionAtLeast
from lib.core.common import isNumber
from lib.core.common import isTechniqueAvailable
from lib.core.common import randomInt
from lib.core.common import randomStr
@@ -113,7 +114,7 @@ class Agent:
if place in (PLACE.URI, PLACE.CUSTOM_POST):
_ = "%s%s" % (origValue, CUSTOM_INJECTION_MARK_CHAR)
if kb.postHint == POST_HINT.JSON and not newValue.isdigit() and not '"%s"' % _ in paramString:
if kb.postHint == POST_HINT.JSON and not isNumber(newValue) and not '"%s"' % _ in paramString:
newValue = '"%s"' % newValue
retVal = paramString.replace(_, self.addPayloadDelimiters(newValue)).replace(CUSTOM_INJECTION_MARK_CHAR, "")
elif place in (PLACE.USER_AGENT, PLACE.REFERER, PLACE.HOST):