Commit

Minor improvement for OR payloads
stamparm committed Nov 26, 2014
1 parent 356ae4a commit d46535e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion dsss.py
Expand Up @@ -63,7 +63,7 @@ def scan_page(url, data=None):
vulnerable = True
else:
ratios = dict((_, difflib.SequenceMatcher(None, original[TEXT], contents[_][TEXT]).quick_ratio()) for _ in (True, False))
vulnerable = all(ratios.values()) and ratios[True] > FUZZY_THRESHOLD and ratios[False] < FUZZY_THRESHOLD and abs(ratios[True] - ratios[False]) > FUZZY_THRESHOLD / 10
vulnerable = all(ratios.values()) and min(ratios.values()) < FUZZY_THRESHOLD < max(ratios.values()) and abs(ratios[True] - ratios[False]) > FUZZY_THRESHOLD / 10
if vulnerable:
print " (i) %s parameter '%s' appears to be blind SQLi vulnerable (e.g.: '%s')" % (phase, match.group("parameter"), payloads[True])
retval = True
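Review bot: The new `vulnerable = ...` line drops the direction of the comparison. `min(ratios.values()) < FUZZY_THRESHOLD < max(ratios.values())` holds whether the True or the False response is the one that resembles `original`, while the replaced line required `ratios[True] > FUZZY_THRESHOLD and ratios[False] < FUZZY_THRESHOLD`. That matches the OR payloads named in the commit message, but the relaxed check applies to every payload that reaches this `else` branch, so an inverted result now counts as a hit for all of them and can raise the false-positive rate. Consider accepting the inverted ordering only when the payload is an OR payload, if that is known at this point in `scan_page`, or at least add a comment on this line saying why both orderings are treated as valid. Note also that the message printed just below still cites `payloads[True]` as the example regardless of which side matched the original page.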