Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 24c5d7b

Browse files
stamparmstamparm
committed
code refactoring
1 parent 9c94a23 commit 24c5d7b

4 files changed

Lines changed: 16 additions & 3 deletions

File tree

lib/controller/checks.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@
2121
from lib.core.common import randomStr
2222
from lib.core.common import readInput
2323
from lib.core.common import showStaticWords
24+
from lib.core.common import wasLastRequestError
2425
from lib.core.common import DynamicContentItem
2526
from lib.core.convert import urlencode
2627
from lib.core.data import conf
@@ -103,7 +104,7 @@ def heuristicCheckSqlInjection(place, parameter, value):
103104
payload = conf.paramDict[place][parameter].replace('*', payload)
104105

105106
Request.queryPage(payload, place)
106-
result = kb.lastErrorPage and kb.lastErrorPage[0]==kb.lastRequestUID
107+
result = wasLastRequestError()
107108

108109
infoMsg = "(error based) heuristics shows that %s " % place
109110
infoMsg += "parameter '%s' is " % parameter

lib/core/common.py

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1479,7 +1479,19 @@ def commonFinderOnly(initial, sequence):
14791479
return longestCommonPrefix(*filter(lambda x: x.startswith(initial), sequence))
14801480

14811481
def pushValue(value):
1482+
"""
1483+
Push value to the stack
1484+
"""
14821485
kb.valueStack.append(value)
14831486

14841487
def popValue():
1488+
"""
1489+
Pop value from the stack
1490+
"""
14851491
return kb.valueStack.pop()
1492+
1493+
def wasLastRequestError():
1494+
"""
1495+
Returns True if the last web request resulted in a (recognized) DBMS error page
1496+
"""
1497+
return kb.lastErrorPage and kb.lastErrorPage[0]==kb.lastRequestUID

lib/core/option.py

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1006,7 +1006,6 @@ def __setConfAttributes():
10061006
conf.dbmsConnector = None
10071007
conf.dbmsHandler = None
10081008
conf.dumpPath = None
1009-
conf.errorComparison = True
10101009
conf.minMatchBlock = 8
10111010
conf.dynMarkLength = 32
10121011
conf.httpHeaders = []

lib/request/comparison.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@
1111

1212
from lib.core.common import getFilteredPageContent
1313
from lib.core.common import preparePageForLineComparison
14+
from lib.core.common import wasLastRequestError
1415
from lib.core.data import conf
1516
from lib.core.data import kb
1617
from lib.core.data import logger
@@ -94,7 +95,7 @@ def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
9495
return ratio
9596

9697
# In case of an DBMS error page return False
97-
elif conf.errorComparison and kb.lastErrorPage and kb.lastErrorPage[0]==kb.lastRequestUID:
98+
elif wasLastRequestError():
9899
return False
99100

100101
# If the url is not stable it returns sequence matcher between the

0 commit comments

Comments
 (0)