PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

Adding a switch --invalid-string

Browse Source
This commit is contained in:
Miroslav Stampar
2014-01-23 21:56:06 +01:00
parent f88f6dcd7e
commit f97fcb7bb3
5 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/controller/checks.py
View File

@@ -329,11 +329,14 @@ def checkSqlInjection(place, parameter, value):
# one as we are changing parameters value, which
# will likely result in a different content
kb.data.setdefault("randomInt", str(randomInt(10)))
kb.data.setdefault("randomStr", str(randomStr(10)))
if conf.invalidLogical:
_ = int(kb.data.randomInt[:2])
origValue = "%s AND %s=%s" % (value, _, _ + 1)
elif conf.invalidBignum:
origValue = kb.data.randomInt[:6]
elif conf.invalidString:
origValue = kb.data.randomStr[:6]
else:
origValue = "-%s" % kb.data.randomInt[:4]
templatePayload = agent.payload(place, parameter, value="", newValue=origValue, where=where)