making --no-cast unhidden and renaming --negative-logic to --logical-negate to prevent confusion with stuff used in OR boolean based injection

stamparm · stamparm · commit 56638f9e95cd · 2012-03-30T10:50:01.000Z
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
@@ -285,7 +285,7 @@ def checkSqlInjection(place, parameter, value):
                         # Use different page template than the original
                         # one as we are changing parameters value, which
                         # will likely result in a different content
-                        if not conf.logicNegative:
+                        if not conf.logicalNegate:
                             origValue = "-%s" % randomInt()
                         else:
                             origValue = "%s AND %s=%s" % (origValue, randomInt(), randomInt())
diff --git a/lib/core/agent.py b/lib/core/agent.py
@@ -87,7 +87,7 @@ def payload(self, place=None, parameter=None, value=None, newValue=None, where=N
             if where == PAYLOAD.WHERE.ORIGINAL:
                 value = origValue
             elif where == PAYLOAD.WHERE.NEGATIVE:
-                if not conf.logicNegative:
+                if not conf.logicalNegate:
                     if newValue.startswith("-"):
                         value = ""
                     else:
diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
@@ -65,7 +65,7 @@
                                "os":                "string",
                                "prefix":            "string",
                                "suffix":            "string",
-                               "logicNegative":     "boolean",
+                               "logicalNegate":     "boolean",
                                "skip":              "string",
                                "tamper":            "string"
                              },
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
@@ -196,12 +196,16 @@ def cmdLineParser():
         injection.add_option("--suffix", dest="suffix",
                              help="Injection payload suffix string")
 
-        injection.add_option("--logic-negative", dest="logicNegative",
+        injection.add_option("--logical-negate", dest="logicalNegate",
                              action="store_true",
-                             help="Use logic operation(s) instead of negating values")
+                             help="Use logic operation(s) for negating values")
+
+        injection.add_option("--no-cast", dest="noCast",
+                             action="store_true",
+                             help="Turn off payload casting mechanism")
 
         injection.add_option("--skip", dest="skip",
-                           help="Skip testing for given parameter(s)")
+                             help="Skip testing for given parameter(s)")
 
         injection.add_option("--tamper", dest="tamper",
                              help="Use given script(s) for tampering injection data")
@@ -622,9 +626,6 @@ def cmdLineParser():
         parser.add_option("--group-concat", dest="groupConcat", action="store_true",
                            help=SUPPRESS_HELP)
 
-        parser.add_option("--no-cast", dest="noCast", action="store_true",
-                           help=SUPPRESS_HELP)
-
         parser.add_option("--test-filter", dest="testFilter",
                            help=SUPPRESS_HELP)
 
diff --git a/sqlmap.conf b/sqlmap.conf
@@ -197,9 +197,13 @@ prefix =
 # Injection payload suffix string.
 suffix = 
 
-# Use logic operation(s) instead of negating values.
+# Use logic operation(s) for negating values.
 # Valid: True or False
-logicNegative = False
+logicalNegate = False
+
+# Turn off payload casting mechanism
+# Valid: True or False
+noCast = False
 
 # Skip testing for given parameter(s).
 skip =
