added --beep (tested on Windows and Linux; for now turned off) switch

stamparm · stamparm · commit 52f910f75284 · 2010-10-23T09:38:46.000Z
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
@@ -81,7 +81,7 @@ def checkSqlInjection(place, parameter, value, parenthesis):
 
             if not falseResult:
                 infoMsg  = "%s parameter '%s' is %s (%s) injectable " % (place, parameter, case.desc, logic)
-                infoMsg += "with %d parenthesis" % parenthesis
+                infoMsg += "with %d parenthesis%s" % (parenthesis, "\a" if conf.beep else "")
                 logger.info(infoMsg)
                 return case.name
 
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
@@ -484,6 +484,10 @@ def cmdLineParser():
                                  action="store_true", default=False,
                                  help="Replicate dumped data into a sqlite3 database")
 
+        miscellaneous.add_option("--beep", dest="beep",
+                                 action="store_true", default=False,
+                                 help="Alert with audio beep when sql injection found")
+
         # Hidden and/or experimental options
         parser.add_option("--profile", dest="profile", action="store_true",
                           default=False, help=SUPPRESS_HELP)
