■ ■ ■ ■ ■ ■
ghauri/dbms/fingerprint.py
| skipped 127 lines |
128 | 128 | | text_only=self.text_only, |
129 | 129 | | ) |
130 | 130 | | result = bool_retval.vulnerable |
| 131 | + | if not result: |
| 132 | + | attackt = self.check_boolean_expression( |
| 133 | + | expression="QUARTER(NULL) IS NULL" |
| 134 | + | ) |
| 135 | + | bool_retval = check_boolean_responses( |
| 136 | + | self.base, |
| 137 | + | attackt, |
| 138 | + | attack01, |
| 139 | + | match_string=self.match_string, |
| 140 | + | not_match_string=self.not_match_string, |
| 141 | + | code=self.code, |
| 142 | + | text_only=self.text_only, |
| 143 | + | ) |
| 144 | + | result = bool_retval.vulnerable |
131 | 145 | | if result: |
132 | 146 | | is_ok = False |
133 | 147 | | if self._attacks: |
| skipped 31 lines |
165 | 179 | | text_only=self.text_only, |
166 | 180 | | ) |
167 | 181 | | result = bool_retval.vulnerable |
| 182 | + | if not result: |
| 183 | + | attackt = self.check_boolean_expression( |
| 184 | + | expression="QUARTER(NULL) IS NULL" |
| 185 | + | ) |
| 186 | + | bool_retval = check_boolean_responses( |
| 187 | + | self.base, |
| 188 | + | attackt, |
| 189 | + | self.attack01, |
| 190 | + | match_string=self.match_string, |
| 191 | + | not_match_string=self.not_match_string, |
| 192 | + | code=self.code, |
| 193 | + | text_only=self.text_only, |
| 194 | + | ) |
| 195 | + | result = bool_retval.vulnerable |
168 | 196 | | ok = False |
169 | 197 | | if result: |
170 | 198 | | logger.info(f"confirming MySQL") |
| skipped 406 lines |