From fa9d23d839829b6e43ff24b263cb42ff9f926a88 Mon Sep 17 00:00:00 2001
From: sinn3r <msfsinn3r@gmail.com>
Date: Tue, 8 May 2012 01:26:39 -0500
Subject: [PATCH] When a blind SQL injection, it's a good thing (for the
 attacker), so we should use print_good

---
 modules/auxiliary/scanner/http/blind_sql_query.rb | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/modules/auxiliary/scanner/http/blind_sql_query.rb b/modules/auxiliary/scanner/http/blind_sql_query.rb
index 32e7ba0047..24f58a7684 100644
--- a/modules/auxiliary/scanner/http/blind_sql_query.rb
+++ b/modules/auxiliary/scanner/http/blind_sql_query.rb
@@ -228,8 +228,8 @@ class Metasploit3 < Msf::Auxiliary
 					pinjd = detection_d(normalres,trueres,falseres,tarr)
 
 					if pinja or pinjb or pinjc  or pinjd
-						print_error("Possible #{tarr[0]} Blind SQL Injection Found  #{datastore['PATH']} #{key}")
-						print_error("[#{t}]")
+						print_good("Possible #{tarr[0]} Blind SQL Injection Found  #{datastore['PATH']} #{key}")
+						print_good("[#{t}]")
 
 						report_web_vuln(
 							:host	=> ip,
@@ -319,8 +319,8 @@ class Metasploit3 < Msf::Auxiliary
 					pinjd = detection_d(normalres,trueres,falseres,tarr)
 
 					if pinja or pinjb or pinjc or pinjd
-						print_error("Possible #{tarr[0]} Blind SQL Injection Found  #{datastore['PATH']} #{key}")
-						print_error("[#{t}]")
+						print_good("Possible #{tarr[0]} Blind SQL Injection Found  #{datastore['PATH']} #{key}")
+						print_good("[#{t}]")
 
 						report_web_vuln(
 							:host	=> ip,