better detection if vulnerable of not for regression test

bdamele · bdamele · commit d43b04c5829a · 2013-01-21T17:09:35.000Z
diff --git a/lib/core/testing.py b/lib/core/testing.py
@@ -139,6 +139,7 @@ def liveTest():
         parse = []
         switches = dict(global_)
         value = ""
+        vulnerable = True
 
         if case.hasAttribute("name"):
             name = case.getAttribute("name")
@@ -165,7 +166,10 @@ def liveTest():
         msg = "running live test case: %s (%d/%d)" % (name, count, length)
         logger.info(msg)
 
-        result = runCase(switches, parse)
+        try:
+            runCase(switches, parse)
+        except SqlmapNotVulnerableException:
+            vulnerable = False
 
         test_case_fd = codecs.open(os.path.join(paths.SQLMAP_OUTPUT_PATH, "test_case"), "wb", UNICODE_ENCODING)
         test_case_fd.write("%s\n" % name)
@@ -182,7 +186,7 @@ def liveTest():
             errMsg += "- scan folder: %s " % paths.SQLMAP_OUTPUT_PATH
             errMsg += "- traceback: %s" % bool(failedTraceBack)
 
-            if result is False:
+            if not vulnerable:
                 errMsg += " - SQL injection not detected"
 
             logger.error(errMsg)
