hub / github.com/sqlmapproject/sqlmap / checkSqlInjection

Function checkSqlInjection

lib/controller/checks.py:108–860  ·  view source on GitHub ↗
(place, parameter, value)

Source from the content-addressed store, hash-verified

106from thirdparty.six.moves import http_client as _http_client
107
108def checkSqlInjection(place, parameter, value):
109 # Store here the details about boundaries and payload used to
110 # successfully inject
111 injection = InjectionDict()
112
113 # Localized thread data needed for some methods
114 threadData = getCurrentThreadData()
115
116 # Favoring non-string specific boundaries in case of digit-like parameter values
117 if isDigit(value):
118 kb.cache.intBoundaries = kb.cache.intBoundaries or sorted(copy.deepcopy(conf.boundaries), key=lambda boundary: any(_ in (boundary.prefix or "") or _ in (boundary.suffix or "") for _ in ('"', '\'')))
119 boundaries = kb.cache.intBoundaries
120 elif value.isalpha():
121 kb.cache.alphaBoundaries = kb.cache.alphaBoundaries or sorted(copy.deepcopy(conf.boundaries), key=lambda boundary: not any(_ in (boundary.prefix or "") or _ in (boundary.suffix or "") for _ in ('"', '\'')))
122 boundaries = kb.cache.alphaBoundaries
123 else:
124 boundaries = conf.boundaries
125
126 # Set the flag for SQL injection test mode
127 kb.testMode = True
128
129 paramType = conf.method if conf.method not in (None, HTTPMETHOD.GET, HTTPMETHOD.POST) else place
130 tests = getSortedInjectionTests()
131 seenPayload = set()
132
133 kb.data.setdefault("randomInt", str(randomInt(10)))
134 kb.data.setdefault("randomStr", str(randomStr(10)))
135
136 while tests:
137 test = tests.pop(0)
138
139 try:
140 if kb.endDetection:
141 break
142
143 if conf.dbms is None:
144 # If the DBMS has not yet been fingerprinted (via simple heuristic check
145 # or via DBMS-specific payload) and boolean-based blind has been identified
146 # then attempt to identify with a simple DBMS specific boolean-based
147 # test what the DBMS may be
148 if not injection.dbms and PAYLOAD.TECHNIQUE.BOOLEAN in injection.data:
149 if not Backend.getIdentifiedDbms() and kb.heuristicDbms is None and not kb.droppingRequests:
150 kb.heuristicDbms = heuristicCheckDbms(injection)
151
152 # If the DBMS has already been fingerprinted (via DBMS-specific
153 # error message, simple heuristic check or via DBMS-specific
154 # payload), ask the user to limit the tests to the fingerprinted
155 # DBMS
156
157 if kb.reduceTests is None and not conf.testFilter and (intersect(Backend.getErrorParsedDBMSes(), SUPPORTED_DBMS, True) or kb.heuristicDbms or injection.dbms):
158 msg = "it looks like the back-end DBMS is '%s'. " % (Format.getErrorParsedDBMSes() or kb.heuristicDbms or joinValue(injection.dbms, '/'))
159 msg += "Do you want to skip test payloads specific for other DBMSes? [Y/n]"
160 kb.reduceTests = (Backend.getErrorParsedDBMSes() or [kb.heuristicDbms]) if readInput(msg, default='Y', boolean=True) else []
161
162 # If the DBMS has been fingerprinted (via DBMS-specific error
163 # message, via simple heuristic check or via DBMS-specific
164 # payload), ask the user to extend the tests to all DBMS-specific,
165 # regardless of --level and --risk values provided

Callers 1

startFunction · 0.90

Calls 15

InjectionDictClass · 0.90
getCurrentThreadDataFunction · 0.90
isDigitFunction · 0.90
getSortedInjectionTestsFunction · 0.90
randomIntFunction · 0.90
randomStrFunction · 0.90
intersectFunction · 0.90
joinValueFunction · 0.90
readInputFunction · 0.90
configUnionFunction · 0.90
unArrayizeValueFunction · 0.90
getPageTemplateFunction · 0.90

Tested by

no test coverage detected
