Merge branch 'master' of github.com:sqlmapproject/sqlmap

bdamele · bdamele · commit 6cd780ecc00e · 2013-01-18T15:36:32.000Z
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
@@ -360,11 +360,11 @@ def genCmpPayload():
                             kb.matchRatio = None
                             kb.negativeLogic = (where == PAYLOAD.WHERE.NEGATIVE)
                             Request.queryPage(genCmpPayload(), place, raise404=False)
-                            falsePage = threadData.lastComparisonPage or ""
+                            falseContent = threadData.lastComparisonContent
 
                             # Perform the test's True request
                             trueResult = Request.queryPage(reqPayload, place, raise404=False)
-                            truePage = threadData.lastComparisonPage or ""
+                            trueContent = threadData.lastComparisonContent
 
                             if trueResult:
                                 falseResult = Request.queryPage(genCmpPayload(), place, raise404=False)
@@ -377,11 +377,11 @@ def genCmpPayload():
                                     injectable = True
 
                             if not injectable and not any((conf.string, conf.notString, conf.regexp)) and kb.pageStable:
-                                trueSet = set(extractTextTagContent(truePage))
-                                falseSet = set(extractTextTagContent(falsePage))
-                                candidates = filter(None, (_.strip() if _.strip() in (kb.pageTemplate or "") and _.strip() not in falsePage else None for _ in (trueSet - falseSet)))
+                                trueSet = set(extractTextTagContent(trueContent))
+                                falseSet = set(extractTextTagContent(falseContent))
+                                candidates = filter(None, (_.strip() if _.strip() in (kb.pageTemplate or "") and _.strip() not in falseContent else None for _ in (trueSet - falseSet)))
                                 if candidates:
-                                    conf.string = random.sample(candidates, 1)[0]
+                                    conf.string = candidates[0]
                                     infoMsg = "%s parameter '%s' seems to be '%s' injectable (with --string=\"%s\")" % (place, parameter, title, repr(conf.string).lstrip('u').strip("'"))
                                     logger.info(infoMsg)
 
diff --git a/lib/core/threads.py b/lib/core/threads.py
@@ -41,7 +41,7 @@ def reset(self):
         self.disableStdOut = False
         self.hashDBCursor = None
         self.inTransaction = False
-        self.lastComparisonPage = None
+        self.lastComparisonContent = None
         self.lastErrorPage = None
         self.lastHTTPError = None
         self.lastRedirectMsg = None
diff --git a/lib/request/comparison.py b/lib/request/comparison.py
@@ -46,29 +46,26 @@ def _adjust(condition, getRatioValue):
 def _comparison(page, headers, code, getRatioValue, pageLength):
     threadData = getCurrentThreadData()
 
-    if kb.testMode:
-        threadData.lastComparisonPage = page
+    if kb.testMode or any((conf.string, conf.notString, conf.regexp)):
+        threadData.lastComparisonContent = "%s%s" % (listToStrValue(headers.headers if headers else ""), page or "")
 
     if page is None and pageLength is None:
         return None
 
     seqMatcher = threadData.seqMatcher
     seqMatcher.set_seq1(kb.pageTemplate)
 
-    if any((conf.string, conf.notString, conf.regexp)):
-        rawResponse = "%s%s" % (listToStrValue(headers.headers if headers else ""), page)
+    # String to match in page when the query is True and/or valid
+    if conf.string:
+        return conf.string in threadData.lastComparisonContent
 
-        # String to match in page when the query is True and/or valid
-        if conf.string:
-            return conf.string in rawResponse
+    # String to match in page when the query is False and/or invalid
+    if conf.notString:
+        return conf.notString not in threadData.lastComparisonContent
 
-        # String to match in page when the query is False and/or invalid
-        if conf.notString:
-            return conf.notString not in rawResponse
-
-        # Regular expression to match in page when the query is True and/or valid
-        if conf.regexp:
-            return re.search(conf.regexp, rawResponse, re.I | re.M) is not None
+    # Regular expression to match in page when the query is True and/or valid
+    if conf.regexp:
+        return re.search(conf.regexp, threadData.lastComparisonContent, re.I | re.M) is not None
 
     # HTTP code to match when the query is valid
     if conf.code:
