sqlmap/waf/secureiis.py

#!/usr/bin/env python

"""
Copyright (c) 2006-2016 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""

from lib.core.enums import HTTP_HEADER

__product__ = "SecureIIS Web Server Security (BeyondTrust)"

def detect(get_page):
    _, _, code = get_page()
    retval = code != 404
    _, _, code = get_page(auxHeaders={HTTP_HEADER.TRANSFER_ENCODING: 'a' * 1025, HTTP_HEADER.ACCEPT_ENCODING: "identity"})
    retval = retval and code == 404
    return retval
Adding WAF script for SecureIIS 2013-02-22 00:34:26 +04:00			`#!/usr/bin/env python`

			`"""`
Update of copyright string 2016-01-06 02:06:12 +03:00			`Copyright (c) 2006-2016 sqlmap developers (http://sqlmap.org/)`
Adding WAF script for SecureIIS 2013-02-22 00:34:26 +04:00			`See the file 'doc/COPYING' for copying permission`
			`"""`

Update for consistency (all other enums are using _ in between words) 2013-03-20 14:10:24 +04:00			`from lib.core.enums import HTTP_HEADER`
Adding WAF script for SecureIIS 2013-02-22 00:34:26 +04:00
			`__product__ = "SecureIIS Web Server Security (BeyondTrust)"`

			`def detect(get_page):`
Minor refactoring 2016-01-07 23:58:10 +03:00			`_, _, code = get_page()`
Adding WAF script for SecureIIS 2013-02-22 00:34:26 +04:00			`retval = code != 404`
Minor refactoring 2016-01-07 23:58:10 +03:00			`_, _, code = get_page(auxHeaders={HTTP_HEADER.TRANSFER_ENCODING: 'a' * 1025, HTTP_HEADER.ACCEPT_ENCODING: "identity"})`
Adding WAF script for SecureIIS 2013-02-22 00:34:26 +04:00			`retval = retval and code == 404`
			`return retval`