Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 295a7a8

Browse files
stamparmstamparm
committed
Another update for Issue #80 
1 parent 9a4f8d5 commit 295a7a8

1 file changed

Lines changed: 2 additions & 1 deletion

File tree

lib/techniques/union/test.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,7 @@
3434
from lib.core.settings import MAX_RATIO
3535
from lib.core.settings import MIN_STATISTICAL_RANGE
3636
from lib.core.settings import MIN_UNION_RESPONSES
37+
from lib.core.settings import NULL
3738
from lib.core.settings import ORDER_BY_STEP
3839
from lib.core.unescaper import unescaper
3940
from lib.request.comparison import comparison
@@ -255,7 +256,7 @@ def __unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix
255256
warnMsg = "if UNION based SQL injection is not detected, "
256257
warnMsg += "please consider "
257258

258-
if not conf.uChar and count > 1:
259+
if not conf.uChar and count > 1 and kb.uChar == NULL:
259260
message = "injection not exploitable with NULL values. Do you want to try with a random integer value for option '--union-char'? [Y/n] "
260261
test = readInput(message, default="Y")
261262
if test[0] not in ("y", "Y"):

0 commit comments

Comments
 (0)