MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / checkFilteredChars

Function checkFilteredChars

lib/controller/checks.py:1000–1026  ·  view source on GitHub ↗
(injection)

Source from the content-addressed store, hash-verified

998
999@stackedmethod
1000def checkFilteredChars(injection):
1001 debugMsg = "checking for filtered characters"
1002 logger.debug(debugMsg)
1003
1004 pushValue(kb.injection)
1005
1006 kb.injection = injection
1007 randInt = randomInt()
1008
1009 # all other techniques are already using parentheses in tests
1010 if len(injection.data) == 1 and PAYLOAD.TECHNIQUE.BOOLEAN in injection.data:
1011 if not checkBooleanExpression("(%d)=%d" % (randInt, randInt)):
1012 warnMsg = "it appears that some non-alphanumeric characters (i.e. ()) are "
1013 warnMsg += "filtered by the back-end server. There is a strong "
1014 warnMsg += "possibility that sqlmap won't be able to properly "
1015 warnMsg += "exploit this vulnerability"
1016 logger.warning(warnMsg)
1017
1018 # inference techniques depend on character '>'
1019 if not any(_ in injection.data for _ in (PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.QUERY)):
1020 if not checkBooleanExpression("%d>%d" % (randInt + 1, randInt)):
1021 warnMsg = "it appears that the character '>' is "
1022 warnMsg += "filtered by the back-end server. You are strongly "
1023 warnMsg += "advised to rerun with the '--tamper=between'"
1024 logger.warning(warnMsg)
1025
1026 kb.injection = popValue()
1027
1028def heuristicCheckSqlInjection(place, parameter):
1029 if conf.skipHeuristics:

Callers 1

checkSqlInjectionFunction · 0.85

Calls 5

pushValueFunction · 0.90
randomIntFunction · 0.90
checkBooleanExpressionFunction · 0.90
popValueFunction · 0.90
debugMethod · 0.80

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…