MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / wasLastResponseDelayed

Function wasLastResponseDelayed

lib/core/common.py:2796–2831  ·  view source on GitHub ↗

Returns True if the last web request resulted in a time-delay

()

Source from the content-addressed store, hash-verified

2794 return threadData.lastHTTPError and threadData.lastHTTPError[0] == threadData.lastRequestUID
2795
2796def wasLastResponseDelayed():
2797 """
2798 Returns True if the last web request resulted in a time-delay
2799 """
2800
2801 # 99.9999999997440% of all non time-based SQL injection affected
2802 # response times should be inside +-7*stdev([normal response times])
2803 # Math reference: http://www.answers.com/topic/standard-deviation
2804
2805 deviation = stdev(kb.responseTimes.get(kb.responseTimeMode, []))
2806 threadData = getCurrentThreadData()
2807
2808 if deviation and not conf.direct and not conf.disableStats:
2809 if len(kb.responseTimes[kb.responseTimeMode]) < MIN_TIME_RESPONSES:
2810 warnMsg = "time-based standard deviation method used on a model "
2811 warnMsg += "with less than %d response times" % MIN_TIME_RESPONSES
2812 logger.warning(warnMsg)
2813
2814 lowerStdLimit = average(kb.responseTimes[kb.responseTimeMode]) + TIME_STDEV_COEFF * deviation
2815 retVal = (threadData.lastQueryDuration >= max(MIN_VALID_DELAYED_RESPONSE, lowerStdLimit))
2816
2817 if not kb.testMode and retVal:
2818 if kb.adjustTimeDelay is None:
2819 msg = "do you want sqlmap to try to optimize value(s) "
2820 msg += "for DBMS delay responses (option '--time-sec')? [Y/n] "
2821
2822 kb.adjustTimeDelay = ADJUST_TIME_DELAY.DISABLE if not readInput(msg, default='Y', boolean=True) else ADJUST_TIME_DELAY.YES
2823 if kb.adjustTimeDelay is ADJUST_TIME_DELAY.YES:
2824 adjustTimeDelay(threadData.lastQueryDuration, lowerStdLimit)
2825
2826 return retVal
2827 else:
2828 delta = threadData.lastQueryDuration - conf.timeSec
2829 if Backend.getIdentifiedDbms() in (DBMS.MYSQL,): # MySQL's SLEEP(X) lasts 0.05 seconds shorter on average
2830 delta += 0.05
2831 return delta >= 0
2832
2833def adjustTimeDelay(lastQueryDuration, lowerStdLimit):
2834 """

Callers 2

queryPageMethod · 0.90
_xpCmdshellCheckMethod · 0.90

Calls 7

getCurrentThreadDataFunction · 0.90
stdevFunction · 0.85
averageFunction · 0.85
adjustTimeDelayFunction · 0.85
getIdentifiedDbmsMethod · 0.80
readInputFunction · 0.70
getMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…