1.81b: Fix to numerical SQL injection detector logic.
parent
35607dcb58
commit
a3473417d9
|
@ -1,3 +1,8 @@
|
|||
Version 1.81b:
|
||||
--------------
|
||||
|
||||
- Fix to numerical SQL injection detector logic.
|
||||
|
||||
Version 1.80b:
|
||||
--------------
|
||||
|
||||
|
|
2
Makefile
2
Makefile
|
@ -20,7 +20,7 @@
|
|||
#
|
||||
|
||||
PROGNAME = skipfish
|
||||
VERSION = 1.80b
|
||||
VERSION = 1.81b
|
||||
|
||||
OBJFILES = http_client.c database.c crawler.c analysis.c report.c
|
||||
INCFILES = alloc-inl.h string-inl.h debug.h types.h http_client.h \
|
||||
|
|
9
README
9
README
|
@ -403,10 +403,11 @@ sites.
|
|||
|
||||
Lastly, -f controls the maximum number of consecutive HTTP errors you are
|
||||
willing to see before aborting the scan; and -s sets the maximum length of a
|
||||
response to fetch and parse (longer responses will be truncated). When
|
||||
scanning large, multimedia-heavy sites, you may also want to specify -e -
|
||||
preventing binary documents from being kept verbatim for the report, and
|
||||
freeing up a lot of RAM.
|
||||
response to fetch and parse (longer responses will be truncated).
|
||||
|
||||
When scanning large, multimedia-heavy sites, you may also want to specify -e.
|
||||
This prevents binary documents from being kept in memory for reporting
|
||||
purposes, and frees up a lot of RAM.
|
||||
|
||||
Further rate-limiting is available through third-party user mode tools such
|
||||
as trickle, or kernel-level traffic shaping.
|
||||
|
|
|
@ -1200,7 +1200,7 @@ static u8 inject_check7_callback(struct http_request* req,
|
|||
RESP_CHECKS(MREQ(2), MRES(2));
|
||||
}
|
||||
|
||||
if (same_page(&MRES(2)->sig, &MRES(6)->sig) &&
|
||||
if (same_page(&MRES(1)->sig, &MRES(6)->sig) &&
|
||||
!same_page(&MRES(6)->sig, &MRES(7)->sig)) {
|
||||
problem(PROB_SQL_INJECT, MREQ(7), MRES(7),
|
||||
(u8*)"response suggests arithmetic evaluation on server side (type 2)",
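Review bot: The type 2 condition depends entirely on which probe each MRES() slot holds, and nothing in this hunk says what responses 1, 6 and 7 are, so a reader cannot confirm that `same_page(&MRES(1)->sig, &MRES(6)->sig)` compares the right baseline pair; a one-slot mix-up here would silently produce missed or spurious PROB_SQL_INJECT findings. I would add a comment directly above the `if`, for example `/* Type 2: responses 1 and 6 must match, and 6 must differ from 7. */`, extended with the payload each slot carries (presumably listed where the probes are queued, which is outside this hunk and should be confirmed). The page has lost its +/- markers, so which of the two `if` lines is the new one is inferred from their order and the commit title. inject_check7_callback starts and ends outside the hunk.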
|
||||
|
|