PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

fix for a fundamentally bad presumtion (ratio should be > 0.6 in stable pages), especially today when we have stuff like where=2; also, just imagine 500s which could just say something like FALSE, while on ratio level it would be far below 0.6

Browse Source
This commit is contained in:
Miroslav Stampar
2010-12-24 09:49:19 +00:00
parent cb17e61f35
commit d5eebb1cbf
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/request/comparison.py
View File

@@ -18,6 +18,7 @@ from lib.core.data import kb
from lib.core.data import logger
from lib.core.settings import CONSTANT_RATIO
from lib.core.settings import DIFF_TOLERANCE
from lib.core.settings import LOWER_RATIO_BOUND, UPPER_RATIO_BOUND
def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
if page is None and pageLength is None:
@@ -93,11 +94,11 @@ def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
if conf.thold:
kb.matchRatio = conf.thold
elif kb.pageStable and ratio > 0.6 and ratio < 0.99:
elif kb.pageStable and ratio >= LOWER_RATIO_BOUND and ratio <= UPPER_RATIO_BOUND:
kb.matchRatio = ratio
logger.debug("setting match ratio for current parameter to %.3f" % kb.matchRatio)
elif not kb.pageStable or ( kb.pageStable and ratio < 0.6 ):
elif not kb.pageStable:
kb.matchRatio = CONSTANT_RATIO
logger.debug("setting match ratio for current parameter to default value 0.900")