PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2026-01-12 17:49:02 +00:00
Code Issues Projects Releases Wiki Activity

Adding test check for --titles

Browse Source
This commit is contained in:
Miroslav Stampar
2026-01-08 23:47:06 +01:00
parent 65ce6ba4c9
commit e2534b3c36
5 changed files with 14 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/controller/checks.py
View File

@@ -554,7 +554,7 @@ def checkSqlInjection(place, parameter, value):
injectable = True
elif (threadData.lastComparisonRatio or 0) > UPPER_RATIO_BOUND and not any((conf.string, conf.notString, conf.regexp, conf.code, kb.nullConnection)):
elif (threadData.lastComparisonRatio or 0) > UPPER_RATIO_BOUND and not any((conf.string, conf.notString, conf.regexp, conf.code, conf.titles, kb.nullConnection)):
originalSet = set(getFilteredPageContent(kb.pageTemplate, True, "\n").split("\n"))
trueSet = set(getFilteredPageContent(truePage, True, "\n").split("\n"))
falseSet = set(getFilteredPageContent(falsePage, True, "\n").split("\n"))
@@ -580,7 +580,7 @@ def checkSqlInjection(place, parameter, value):
break
if injectable:
if kb.pageStable and not any((conf.string, conf.notString, conf.regexp, conf.code, kb.nullConnection)):
if kb.pageStable and not any((conf.string, conf.notString, conf.regexp, conf.code, conf.titles, kb.nullConnection)):
if all((falseCode, trueCode)) and falseCode != trueCode and trueCode != kb.heuristicCode:
suggestion = conf.code = trueCode