PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 20:51:31 +00:00
Code Issues Projects Releases Wiki Activity

Minor update for an Issue #222

Browse Source
This commit is contained in:
Miroslav Stampar
2012-10-25 13:35:44 +02:00
parent 8a5844a364
commit fdcdd11cb9
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/controller/checks.py
View File

@@ -625,7 +625,7 @@ def checkFalsePositives(injection):
def checkSuhoshinPatch(injection): def checkSuhoshinPatch(injection):
""" """
Checks for existence of Suhoshin-patch (like) protection mechanism Checks for existence of Suhoshin-patch (and alike) protection mechanism(s)
""" """
if injection.place == PLACE.GET: if injection.place == PLACE.GET:
@@ -634,7 +634,8 @@ def checkSuhoshinPatch(injection):
kb.injection = injection kb.injection = injection
randInt = randomInt() randInt = randomInt()
if not checkBooleanExpression("%d=%s%d" % (randInt, " " * SUHOSHIN_MAX_VALUE_LENGTH, randInt)): _ = " " * SUHOSHIN_MAX_VALUE_LENGTH
if not checkBooleanExpression("%d%s=%s%d" % (randInt, _, _, randInt)):
warnMsg = "parameter length constraint " warnMsg = "parameter length constraint "
warnMsg += "mechanism detected (e.g. Suhoshin patch). " warnMsg += "mechanism detected (e.g. Suhoshin patch). "
warnMsg += "Potential problems in enumeration phase can be expected" warnMsg += "Potential problems in enumeration phase can be expected"