
Commit 620fa1c

committed
trust me, i know what i am doing :)
1 parent 73e85bf commit 620fa1c

2 files changed

Lines changed: 8 additions & 6 deletions


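--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -217,6 +217,8 @@ def start():
 testSqlInj = True
 paramKey = (conf.hostname, conf.path, place, parameter)
 
+conf.matchRatio = None
+
 if paramKey in kb.testedParams:
 testSqlInj = False
 
@@ -242,14 +244,14 @@ def start():
 if testSqlInj:
 heuristicCheckSqlInjection(place, parameter, value)
 
+conf.matchRatio = None
+
 for parenthesis in range(0, 4):
 logMsg = "testing sql injection on %s " % place
 logMsg += "parameter '%s' with " % parameter
 logMsg += "%d parenthesis" % parenthesis
 logger.info(logMsg)
 
-conf.matchRatio = None
-
 injType = checkSqlInjection(place, parameter, value, parenthesis)
 
 if injType: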
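Review bot: Neither of the two `conf.matchRatio = None` resets in start() has a comment, and the hunks do not show why both are needed: the one at new line 220 runs for every parameter before the `kb.testedParams` check, and the one at new line 247 runs again right after `heuristicCheckSqlInjection()`. If the intent is what it appears to be, comments such as `# new parameter: drop the ratio from the previous one` and `# drop any ratio set by the heuristic request before the real tests` would record it. Because the reset was moved out of the `for parenthesis in range(0, 4)` loop, whatever ratio gets set during the first iteration is now reused by the remaining three; that is a behaviour change worth stating in the commit message, which currently explains nothing. start() begins and ends outside both hunks, so other writers of conf.matchRatio are not visible here.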

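--- a/lib/request/comparison.py
+++ b/lib/request/comparison.py
@@ -20,6 +20,10 @@ def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
 if page is None and pageLength is None:
 return None
 
+# In case of an DBMS error page return None
+if wasLastRequestError():
+return None
+
 regExpResults = None
 
 if page:
@@ -105,10 +109,6 @@ def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
 if getSeqMatcher:
 return ratio
 
-# In case of an DBMS error page return None
-elif wasLastRequestError():
-return None
-
 elif ratio == 1:
 return True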
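Review bot: Callers that pass `getSeqMatcher=True` can now receive `None` instead of a ratio, because the `wasLastRequestError()` check at new line 24 runs before `if getSeqMatcher: return ratio`, whereas the old `elif` ran after it. Those callers are outside this diff, so each one should be checked for using the result numerically without a `None` guard. The early return also precedes the `if page:` block, so whatever matching happens there is skipped for error responses. The verdict appears to come from state about the most recent request rather than from the `page` argument, which would be wrong for any page not produced by that request. The comment should state the new contract, e.g. `# DBMS error page: nothing to compare, return None even when getSeqMatcher is set`. The body of comparison() continues outside both hunks.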
