34 | 34 | from lib.core.common import randomStr |
35 | 35 | from lib.core.common import readInput |
36 | 36 | from lib.core.common import showStaticWords |
| 37 | +from lib.core.common import singleTimeLogMessage |
37 | 38 | from lib.core.common import singleTimeWarnMessage |
38 | 39 | from lib.core.common import wasLastRequestDBMSError |
39 | 40 | from lib.core.common import wasLastRequestHTTPError |
@@ -108,6 +109,20 @@ def checkSqlInjection(place, parameter, value): |
108 | 109 | logger.debug(debugMsg) |
109 | 110 | continue |
110 | 111 |
| 112 | + match = re.search(r"(\d+)-(\d+)", test.request.columns) |
| 113 | + if injection.data and match: |
| 114 | + lower, upper = int(match.group(1)), int(match.group(2)) |
| 115 | + for _ in (lower, upper): |
| 116 | + if _ > 1: |
| 117 | + infoMsg = "automatically extending ranges " |
| 118 | + infoMsg += "for further UNION query injection technique tests as " |
| 119 | + infoMsg += "there is at least one other injection technique found" |
| 120 | + singleTimeLogMessage(infoMsg) |
| 121 | + |
| 122 | + test.request.columns = re.sub(r"\b%d\b" % _, str(2 * _), test.request.columns) |
| 123 | + title = re.sub(r"\b%d\b" % _, str(2 * _), title) |
| 124 | + test.title = re.sub(r"\b%d\b" % _, str(2 * _), test.title) |
| 125 | + |
111 | 126 | # Skip test if the user's wants to test only for a specific |
112 | 127 | # technique |
113 | 128 | if conf.tech and isinstance(conf.tech, list) and stype not in conf.tech: |
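Review bot: The sequential doubling in the three `re.sub(r"\b%d\b" % _, ...)` calls collapses the range whenever `2 * lower == upper`: a columns value of `2-4` becomes `4-4` after the lower bound is doubled and then `8-8` after the upper bound pass, because the second substitution also rewrites the value the first one just produced. Doubling both bounds in a single pass with an alternation pattern and a callback removes that collision, and it also retires `_` as a loop variable, which here is read and so deserves a real name. The substitutions mutate the shared `test` object, so if the same test is revisited for another parameter while `injection.data` is set the ranges presumably compound again; that may be intended, but it is worth confirming. `checkSqlInjection` starts and ends outside this hunk.

```python
            match = re.search(r"(\d+)-(\d+)", test.request.columns)
            bounds = [int(group) for group in match.groups() if int(group) > 1] if match else []
            if injection.data and bounds:
                # … unchanged: infoMsg construction and singleTimeLogMessage(infoMsg) …

                # one pass over both bounds so a doubled lower bound is never re-matched as the upper one
                pattern = r"\b(%s)\b" % "|".join(str(bound) for bound in bounds)

                def double(m):
                    return str(2 * int(m.group(1)))

                test.request.columns = re.sub(pattern, double, test.request.columns)
                title = re.sub(pattern, double, title)
                test.title = re.sub(pattern, double, test.title)
```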