mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-26 05:31:04 +03:00 
			
		
		
		
	Minor patches (pydiatra)
		
							parent
							
								
									81e6dab965
								
							
						
					
					
						commit
						0e206da7c0
					
				|  | @ -43,7 +43,7 @@ def updateMSSQLXML(): | ||||||
| 
 | 
 | ||||||
|         return |         return | ||||||
| 
 | 
 | ||||||
|     releases = re.findall("class=\"BCC_DV_01DarkBlueTitle\">SQL Server\s(.+?)\sBuilds", mssqlVersionsHtmlString, re.I | re.M) |     releases = re.findall("class=\"BCC_DV_01DarkBlueTitle\">SQL Server\s(.+?)\sBuilds", mssqlVersionsHtmlString, re.I) | ||||||
|     releasesCount = len(releases) |     releasesCount = len(releases) | ||||||
| 
 | 
 | ||||||
|     # Create the minidom document |     # Create the minidom document | ||||||
|  | @ -74,7 +74,7 @@ def updateMSSQLXML(): | ||||||
|             stopIdx = mssqlVersionsHtmlString.index("SQL Server %s Builds" % releases[index + 1]) |             stopIdx = mssqlVersionsHtmlString.index("SQL Server %s Builds" % releases[index + 1]) | ||||||
| 
 | 
 | ||||||
|         mssqlVersionsReleaseString = mssqlVersionsHtmlString[startIdx:stopIdx] |         mssqlVersionsReleaseString = mssqlVersionsHtmlString[startIdx:stopIdx] | ||||||
|         servicepackVersion = re.findall("</td><td>[7\.0|2000|2005|2008|2008 R2]*(.*?)</td><td.*?([\d\.]+)</td>[\r]*\n", mssqlVersionsReleaseString, re.I | re.M) |         servicepackVersion = re.findall("</td><td>[7\.0|2000|2005|2008|2008 R2]*(.*?)</td><td.*?([\d\.]+)</td>[\r]*\n", mssqlVersionsReleaseString, re.I) | ||||||
| 
 | 
 | ||||||
|         for servicePack, version in servicepackVersion: |         for servicePack, version in servicepackVersion: | ||||||
|             if servicePack.startswith(" "): |             if servicePack.startswith(" "): | ||||||
|  |  | ||||||
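Review bot: In the `servicepackVersion` pattern of the second hunk, `[7\.0|2000|2005|2008|2008 R2]*` is a character class, not an alternation, so it matches any run of the characters `7`, `.`, `0`, `|`, `2`, `5`, `8`, `R` and space rather than one of the listed release names. Dropping `re.M` leaves that as it was, since neither pattern uses `^` or `$`. If the intent is to skip a leading release name, a non-capturing group says so directly: `(?:7\.0|2000|2005|2008 R2|2008)?`. That would change what group 1 captures on rows where the class currently consumes extra digits, so it needs checking against the real page. updateMSSQLXML continues outside both hunks.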
|  | @ -83,7 +83,7 @@ def main(): | ||||||
|     if stderr: |     if stderr: | ||||||
|         failure_email("Execution of regression test failed with error:\n\n%s" % stderr) |         failure_email("Execution of regression test failed with error:\n\n%s" % stderr) | ||||||
| 
 | 
 | ||||||
|     failed_tests = re.findall("running live test case: (.+?) \((\d+)\/\d+\)[\r]*\n.+test failed (at parsing items: (.+))?\s*\- scan folder: (\/.+) \- traceback: (.*?)( - SQL injection not detected)?[\r]*\n", stdout, re.M) |     failed_tests = re.findall("running live test case: (.+?) \((\d+)\/\d+\)[\r]*\n.+test failed (at parsing items: (.+))?\s*\- scan folder: (\/.+) \- traceback: (.*?)( - SQL injection not detected)?[\r]*\n", stdout) | ||||||
| 
 | 
 | ||||||
|     for failed_test in failed_tests: |     for failed_test in failed_tests: | ||||||
|         title = failed_test[0] |         title = failed_test[0] | ||||||
|  |  | ||||||
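Review bot: The `failed_tests` pattern is an ordinary string literal that carries regex escapes (`\(`, `\d`, `\/`, `\s`, `\-`), which only works because Python leaves unknown string escapes untouched. Prefixing the literal with `r` states the intent and leaves the pattern unchanged, since `\n` is then resolved by the regex engine; the two patterns in updateMSSQLXML have the same form. main() starts and ends outside the hunk.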
|  | @ -140,7 +140,7 @@ def _formatInjection(inj): | ||||||
|         if inj.place == PLACE.CUSTOM_HEADER: |         if inj.place == PLACE.CUSTOM_HEADER: | ||||||
|             payload = payload.split(',', 1)[1] |             payload = payload.split(',', 1)[1] | ||||||
|         if stype == PAYLOAD.TECHNIQUE.UNION: |         if stype == PAYLOAD.TECHNIQUE.UNION: | ||||||
|             count = re.sub(r"(?i)(\(.+\))|(\blimit[^A-Za-z]+)", "", sdata.payload).count(',') + 1 |             count = re.sub(r"(?i)(\(.+\))|(\blimit[^a-z]+)", "", sdata.payload).count(',') + 1 | ||||||
|             title = re.sub(r"\d+ to \d+", str(count), title) |             title = re.sub(r"\d+ to \d+", str(count), title) | ||||||
|             vector = agent.forgeUnionQuery("[QUERY]", vector[0], vector[1], vector[2], None, None, vector[5], vector[6]) |             vector = agent.forgeUnionQuery("[QUERY]", vector[0], vector[1], vector[2], None, None, vector[5], vector[6]) | ||||||
|             if count == 1: |             if count == 1: | ||||||
|  |  | ||||||
|  | @ -296,7 +296,7 @@ class Agent(object): | ||||||
|         elif suffix and not comment: |         elif suffix and not comment: | ||||||
|             expression += suffix.replace('\\', BOUNDARY_BACKSLASH_MARKER) |             expression += suffix.replace('\\', BOUNDARY_BACKSLASH_MARKER) | ||||||
| 
 | 
 | ||||||
|         return re.sub(r"(?s);\W*;", ";", expression) |         return re.sub(r";\W*;", ";", expression) | ||||||
| 
 | 
 | ||||||
|     def cleanupPayload(self, payload, origValue=None): |     def cleanupPayload(self, payload, origValue=None): | ||||||
|         if payload is None: |         if payload is None: | ||||||
|  |  | ||||||
|  | @ -1961,7 +1961,7 @@ def getSQLSnippet(dbms, sfile, **variables): | ||||||
| 
 | 
 | ||||||
|     retVal = readCachedFileContent(filename) |     retVal = readCachedFileContent(filename) | ||||||
|     retVal = re.sub(r"#.+", "", retVal) |     retVal = re.sub(r"#.+", "", retVal) | ||||||
|     retVal = re.sub(r"(?s);\s+", "; ", retVal).strip("\r\n") |     retVal = re.sub(r";\s+", "; ", retVal).strip("\r\n") | ||||||
| 
 | 
 | ||||||
|     for _ in variables.keys(): |     for _ in variables.keys(): | ||||||
|         retVal = re.sub(r"%%%s%%" % _, variables[_], retVal) |         retVal = re.sub(r"%%%s%%" % _, variables[_], retVal) | ||||||
|  |  | ||||||
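Review bot: In the substitution loop below the changed line, `re.sub(r"%%%s%%" % _, variables[_], retVal)` passes each value as a regex replacement template, so a backslash in a value (a Windows path, say) is read as an escape or group reference instead of literal text, and the key goes into the pattern unescaped. Since these are fixed markers, plain replacement avoids both: `retVal = retVal.replace("%%%s%%" % _, variables[_])`. The callers are not visible from this hunk, so whether such values occur is to be confirmed. getSQLSnippet starts and ends outside the hunk.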
|  | @ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME | ||||||
| from lib.core.enums import OS | from lib.core.enums import OS | ||||||
| 
 | 
 | ||||||
| # sqlmap version (<major>.<minor>.<month>.<monthly commit>) | # sqlmap version (<major>.<minor>.<month>.<monthly commit>) | ||||||
| VERSION = "1.1.4.23" | VERSION = "1.1.4.24" | ||||||
| TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" | TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" | ||||||
| TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} | TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} | ||||||
| VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) | VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) | ||||||
|  |  | ||||||
|  | @ -532,7 +532,8 @@ def _setResultsFile(): | ||||||
|         except (OSError, IOError), ex: |         except (OSError, IOError), ex: | ||||||
|             try: |             try: | ||||||
|                 warnMsg = "unable to create results file '%s' ('%s'). " % (conf.resultsFilename, getUnicode(ex)) |                 warnMsg = "unable to create results file '%s' ('%s'). " % (conf.resultsFilename, getUnicode(ex)) | ||||||
|                 conf.resultsFilename = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.RESULTS, suffix=".csv")[1] |                 handle, conf.resultsFilename = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.RESULTS, suffix=".csv") | ||||||
|  |                 os.close(handle) | ||||||
|                 conf.resultsFP = openFile(conf.resultsFilename, "w+", UNICODE_ENCODING, buffering=0) |                 conf.resultsFP = openFile(conf.resultsFilename, "w+", UNICODE_ENCODING, buffering=0) | ||||||
|                 warnMsg += "Using temporary file '%s' instead" % conf.resultsFilename |                 warnMsg += "Using temporary file '%s' instead" % conf.resultsFilename | ||||||
|                 logger.warn(warnMsg) |                 logger.warn(warnMsg) | ||||||
|  |  | ||||||
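Review bot: The `os.close(handle)` added after `tempfile.mkstemp()` has no comment saying why it is there, and the same two-line pattern recurs in `Task.engine_start` and `server()` in the API hunks. A comment such as `# mkstemp() returns an already-open descriptor; close it because the file is reopened by name below` would keep a later cleanup from folding it back into `mkstemp(...)[1]` and leaking the descriptor again. The three sites could also share one small helper that returns only the path. _setResultsFile starts and ends outside the hunk.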
|  | @ -163,7 +163,8 @@ class Task(object): | ||||||
|         self.options = AttribDict(self._original_options) |         self.options = AttribDict(self._original_options) | ||||||
| 
 | 
 | ||||||
|     def engine_start(self): |     def engine_start(self): | ||||||
|         configFile = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.CONFIG, text=True)[1] |         handle, configFile = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.CONFIG, text=True) | ||||||
|  |         os.close(handle) | ||||||
|         saveConfig(self.options, configFile) |         saveConfig(self.options, configFile) | ||||||
| 
 | 
 | ||||||
|         if os.path.exists("sqlmap.py"): |         if os.path.exists("sqlmap.py"): | ||||||
|  | @ -651,7 +652,8 @@ def server(host=RESTAPI_DEFAULT_ADDRESS, port=RESTAPI_DEFAULT_PORT, adapter=REST | ||||||
|     REST-JSON API server |     REST-JSON API server | ||||||
|     """ |     """ | ||||||
|     DataStore.admin_id = hexencode(os.urandom(16)) |     DataStore.admin_id = hexencode(os.urandom(16)) | ||||||
|     Database.filepath = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.IPC, text=False)[1] |     handle, Database.filepath = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.IPC, text=False) | ||||||
|  |     os.close(handle) | ||||||
| 
 | 
 | ||||||
|     if port == 0:  # random |     if port == 0:  # random | ||||||
|         with contextlib.closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as s: |         with contextlib.closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as s: | ||||||
|  |  | ||||||
|  | @ -87,7 +87,7 @@ def crawl(target): | ||||||
|                         tags = soup('a') |                         tags = soup('a') | ||||||
| 
 | 
 | ||||||
|                         if not tags: |                         if not tags: | ||||||
|                             tags = re.finditer(r'(?si)<a[^>]+href="(?P<href>[^>"]+)"', content) |                             tags = re.finditer(r'(?i)<a[^>]+href="(?P<href>[^>"]+)"', content) | ||||||
| 
 | 
 | ||||||
|                         for tag in tags: |                         for tag in tags: | ||||||
|                             href = tag.get("href") if hasattr(tag, "get") else tag.group("href") |                             href = tag.get("href") if hasattr(tag, "get") else tag.group("href") | ||||||
|  |  | ||||||
|  | @ -22,7 +22,7 @@ class Syntax: | ||||||
|         retVal = expression |         retVal = expression | ||||||
| 
 | 
 | ||||||
|         if quote: |         if quote: | ||||||
|             for item in re.findall(r"'[^']*'+", expression, re.S): |             for item in re.findall(r"'[^']*'+", expression): | ||||||
|                 _ = item[1:-1] |                 _ = item[1:-1] | ||||||
|                 if _: |                 if _: | ||||||
|                     retVal = retVal.replace(item, escaper(_)) |                     retVal = retVal.replace(item, escaper(_)) | ||||||
|  |  | ||||||
|  | @ -8,7 +8,7 @@ acba8b5dc93db0fe6b2b04ff0138c33c  extra/icmpsh/icmpsh.exe_ | ||||||
| 2176d964f2d5ba2d871383d6a1868b8f  extra/icmpsh/icmpsh_m.py | 2176d964f2d5ba2d871383d6a1868b8f  extra/icmpsh/icmpsh_m.py | ||||||
| 2d020d2bdcee1170805f48839fdb89df  extra/icmpsh/__init__.py | 2d020d2bdcee1170805f48839fdb89df  extra/icmpsh/__init__.py | ||||||
| 310efc965c862cfbd7b0da5150a5ad36  extra/__init__.py | 310efc965c862cfbd7b0da5150a5ad36  extra/__init__.py | ||||||
| c7973dc651586ba26d9553ad1ecfee74  extra/mssqlsig/update.py | 20dd956898077268ce1acc017ecdbfd7  extra/mssqlsig/update.py | ||||||
| 310efc965c862cfbd7b0da5150a5ad36  extra/safe2bin/__init__.py | 310efc965c862cfbd7b0da5150a5ad36  extra/safe2bin/__init__.py | ||||||
| d3e99da5b5c2209e97836af9098124ee  extra/safe2bin/safe2bin.py | d3e99da5b5c2209e97836af9098124ee  extra/safe2bin/safe2bin.py | ||||||
| d229479d02d21b29f209143cb0547780  extra/shellcodeexec/linux/shellcodeexec.x32_ | d229479d02d21b29f209143cb0547780  extra/shellcodeexec/linux/shellcodeexec.x32_ | ||||||
|  | @ -16,17 +16,17 @@ d229479d02d21b29f209143cb0547780  extra/shellcodeexec/linux/shellcodeexec.x32_ | ||||||
| c55b400b72acc43e0e59c87dd8bb8d75  extra/shellcodeexec/windows/shellcodeexec.x32.exe_ | c55b400b72acc43e0e59c87dd8bb8d75  extra/shellcodeexec/windows/shellcodeexec.x32.exe_ | ||||||
| 3c07d5ecd7208748892c0459f6ca084a  extra/shutils/duplicates.py | 3c07d5ecd7208748892c0459f6ca084a  extra/shutils/duplicates.py | ||||||
| 8cd064eea3506e5dd913e03171bc418f  extra/shutils/pylint.py | 8cd064eea3506e5dd913e03171bc418f  extra/shutils/pylint.py | ||||||
| 02b87ce441efb4e9e6249237a6ce9655  extra/shutils/regressiontest.py | 07afd64e65926bba66cee5ca092ac7d9  extra/shutils/regressiontest.py | ||||||
| 310efc965c862cfbd7b0da5150a5ad36  extra/sqlharvest/__init__.py | 310efc965c862cfbd7b0da5150a5ad36  extra/sqlharvest/__init__.py | ||||||
| 7713aa366c983cdf1f3dbaa7383ea9e1  extra/sqlharvest/sqlharvest.py | 7713aa366c983cdf1f3dbaa7383ea9e1  extra/sqlharvest/sqlharvest.py | ||||||
| 5df358defc488bee9b40084892e3d1cb  lib/controller/action.py | 5df358defc488bee9b40084892e3d1cb  lib/controller/action.py | ||||||
| 9cb94acd4c59822a5e1a258c4d1a4860  lib/controller/checks.py | 9cb94acd4c59822a5e1a258c4d1a4860  lib/controller/checks.py | ||||||
| 20fbacfdcef41214dc2e9ad31fbc28ad  lib/controller/controller.py | 8bf4fde39867b94600f61dc7fddcf3b0  lib/controller/controller.py | ||||||
| d79481ab99acd739615e747d4a79d9d0  lib/controller/handler.py | d79481ab99acd739615e747d4a79d9d0  lib/controller/handler.py | ||||||
| 310efc965c862cfbd7b0da5150a5ad36  lib/controller/__init__.py | 310efc965c862cfbd7b0da5150a5ad36  lib/controller/__init__.py | ||||||
| 19905ecb4437b94512cf21d5f1720091  lib/core/agent.py | 5c4cddb0016d02a57bd1b05b3fc60c54  lib/core/agent.py | ||||||
| 6cc95a117fbd34ef31b9aa25520f0e31  lib/core/bigarray.py | 6cc95a117fbd34ef31b9aa25520f0e31  lib/core/bigarray.py | ||||||
| 8f827c514751b85890da09581c21285c  lib/core/common.py | 1fa78f8104a2b39e87c19cb20e8eab72  lib/core/common.py | ||||||
| 5065a4242a8cccf72f91e22e1007ae63  lib/core/convert.py | 5065a4242a8cccf72f91e22e1007ae63  lib/core/convert.py | ||||||
| a8143dab9d3a27490f7d49b6b29ea530  lib/core/data.py | a8143dab9d3a27490f7d49b6b29ea530  lib/core/data.py | ||||||
| 7936d78b1a7f1f008ff92bf2f88574ba  lib/core/datatype.py | 7936d78b1a7f1f008ff92bf2f88574ba  lib/core/datatype.py | ||||||
|  | @ -45,10 +45,10 @@ dd19b4d930d418f8aef498941346ab2d  lib/core/option.py | ||||||
| d8e9250f3775119df07e9070eddccd16  lib/core/replication.py | d8e9250f3775119df07e9070eddccd16  lib/core/replication.py | ||||||
| 785f86e3f963fa3798f84286a4e83ff2  lib/core/revision.py | 785f86e3f963fa3798f84286a4e83ff2  lib/core/revision.py | ||||||
| 40c80b28b3a5819b737a5a17d4565ae9  lib/core/session.py | 40c80b28b3a5819b737a5a17d4565ae9  lib/core/session.py | ||||||
| 4682e416a9eb8d2c5d0f8c6d433760b3  lib/core/settings.py | c6ecd382fa5a3e8de450e55aa92c8b84  lib/core/settings.py | ||||||
| d91291997d2bd2f6028aaf371bf1d3b6  lib/core/shell.py | d91291997d2bd2f6028aaf371bf1d3b6  lib/core/shell.py | ||||||
| 2ad85c130cc5f2b3701ea85c2f6bbf20  lib/core/subprocessng.py | 2ad85c130cc5f2b3701ea85c2f6bbf20  lib/core/subprocessng.py | ||||||
| afd0636d2e93c23f4f0a5c9b6023ea17  lib/core/target.py | 2571146b71f487a3d11867746c033e40  lib/core/target.py | ||||||
| 8970b88627902239d695280b1160e16c  lib/core/testing.py | 8970b88627902239d695280b1160e16c  lib/core/testing.py | ||||||
| 5521241c750855a4e44747fbac7771c6  lib/core/threads.py | 5521241c750855a4e44747fbac7771c6  lib/core/threads.py | ||||||
| ad74fc58fc7214802fd27067bce18dd2  lib/core/unescaper.py | ad74fc58fc7214802fd27067bce18dd2  lib/core/unescaper.py | ||||||
|  | @ -99,8 +99,8 @@ be752c8075641bc390368c9955f34c91  lib/techniques/error/use.py | ||||||
| 310efc965c862cfbd7b0da5150a5ad36  lib/techniques/union/__init__.py | 310efc965c862cfbd7b0da5150a5ad36  lib/techniques/union/__init__.py | ||||||
| 19fd73af7a278fd72b46a5a60f5bdd09  lib/techniques/union/test.py | 19fd73af7a278fd72b46a5a60f5bdd09  lib/techniques/union/test.py | ||||||
| c2bf28aab749b0de30bfdeea6d09449f  lib/techniques/union/use.py | c2bf28aab749b0de30bfdeea6d09449f  lib/techniques/union/use.py | ||||||
| 981318873e2df1cc55173e8b8a4a7637  lib/utils/api.py | 67f0ad96ec2207d7e59c788b858afd6d  lib/utils/api.py | ||||||
| 29e32d59fcdd63c5a13498af1f367c8c  lib/utils/crawler.py | c42203069fef3b326b42b464f3aa60d3  lib/utils/crawler.py | ||||||
| ba12c69a90061aa14d848b8396e79191  lib/utils/deps.py | ba12c69a90061aa14d848b8396e79191  lib/utils/deps.py | ||||||
| 3b9fd519164e0bf275d5fd361c3f11ff  lib/utils/getch.py | 3b9fd519164e0bf275d5fd361c3f11ff  lib/utils/getch.py | ||||||
| ccfdad414ce2ec0c394c3deaa39a82bf  lib/utils/hashdb.py | ccfdad414ce2ec0c394c3deaa39a82bf  lib/utils/hashdb.py | ||||||
|  | @ -210,7 +210,7 @@ feca57a968c528a2fe3ccafbc83a17f8  plugins/generic/fingerprint.py | ||||||
| 310efc965c862cfbd7b0da5150a5ad36  plugins/generic/__init__.py | 310efc965c862cfbd7b0da5150a5ad36  plugins/generic/__init__.py | ||||||
| 8fd5913823e97e21a8eea717cd12fc96  plugins/generic/misc.py | 8fd5913823e97e21a8eea717cd12fc96  plugins/generic/misc.py | ||||||
| 64b052d1df6d7fe34d73b51196f68ae3  plugins/generic/search.py | 64b052d1df6d7fe34d73b51196f68ae3  plugins/generic/search.py | ||||||
| dca509ef83bf7d74ad26ebe4a03e4c6a  plugins/generic/syntax.py | 562cfa80a15d5f7f1d52e10c5736d7e2  plugins/generic/syntax.py | ||||||
| 25cc2788cc3da6f8a0bcff0e41ff586e  plugins/generic/takeover.py | 25cc2788cc3da6f8a0bcff0e41ff586e  plugins/generic/takeover.py | ||||||
| 02c8da99874f1cfd869d9e3bbb7c84e6  plugins/generic/users.py | 02c8da99874f1cfd869d9e3bbb7c84e6  plugins/generic/users.py | ||||||
| 310efc965c862cfbd7b0da5150a5ad36  plugins/__init__.py | 310efc965c862cfbd7b0da5150a5ad36  plugins/__init__.py | ||||||
|  | @ -389,7 +389,7 @@ a0200fc79bae0ec597b98c82894562a5  waf/armor.py | ||||||
| d764bf3b9456a02a7f8a0149a93ff950  waf/aws.py | d764bf3b9456a02a7f8a0149a93ff950  waf/aws.py | ||||||
| dbc89fc642074c6d17a04532e623f976  waf/baidu.py | dbc89fc642074c6d17a04532e623f976  waf/baidu.py | ||||||
| e4e713cc4e5504eed0311fa62b05a6f9  waf/barracuda.py | e4e713cc4e5504eed0311fa62b05a6f9  waf/barracuda.py | ||||||
| 8a6f2edc3ff9c031e2b58733ee76cfa0  waf/bigip.py | 81af1707c0783d205075d887c9868043  waf/bigip.py | ||||||
| 2adee01cbf513944cd3d281af1c05a86  waf/binarysec.py | 2adee01cbf513944cd3d281af1c05a86  waf/binarysec.py | ||||||
| db312318ee5309577917faca1cd2c077  waf/blockdos.py | db312318ee5309577917faca1cd2c077  waf/blockdos.py | ||||||
| 520ef7b59340b96b4a43e7fdba760967  waf/ciscoacexml.py | 520ef7b59340b96b4a43e7fdba760967  waf/ciscoacexml.py | ||||||
|  | @ -409,7 +409,7 @@ d50e17ed49e1a3cb846e652ed98e3b3c  waf/hyperguard.py | ||||||
| 5a364b68519a5872c4d60be11d2a23c1  waf/isaserver.py | 5a364b68519a5872c4d60be11d2a23c1  waf/isaserver.py | ||||||
| 8bfbae2b692538da0fb1a812330b2649  waf/jiasule.py | 8bfbae2b692538da0fb1a812330b2649  waf/jiasule.py | ||||||
| 0b50798c12802bf98a850dd716b0d96d  waf/knownsec.py | 0b50798c12802bf98a850dd716b0d96d  waf/knownsec.py | ||||||
| 6d47157944211d758483ff8f97b810e8  waf/kona.py | bb4177a5a1b4a8d590bf556b409625ac  waf/kona.py | ||||||
| 4fed33de1ffb2214bc1baa9f925c3eb9  waf/modsecurity.py | 4fed33de1ffb2214bc1baa9f925c3eb9  waf/modsecurity.py | ||||||
| fe690dfc4b2825c3682ceecef7ee9e6e  waf/netcontinuum.py | fe690dfc4b2825c3682ceecef7ee9e6e  waf/netcontinuum.py | ||||||
| bd55ed30291b31db63b761db472f41ea  waf/netscaler.py | bd55ed30291b31db63b761db472f41ea  waf/netscaler.py | ||||||
|  |  | ||||||
|  | @ -18,7 +18,7 @@ def detect(get_page): | ||||||
|     for vector in WAF_ATTACK_VECTORS: |     for vector in WAF_ATTACK_VECTORS: | ||||||
|         _, headers, _ = get_page(get=vector) |         _, headers, _ = get_page(get=vector) | ||||||
|         retval = headers.get("X-Cnection", "").lower() == "close" |         retval = headers.get("X-Cnection", "").lower() == "close" | ||||||
|         retval |= re.search(r"\ATS[a-zA-Z0-9]{4,}=", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None |         retval |= re.search(r"\ATS\w{4,}=", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None | ||||||
|         retval |= re.search(r"BigIP|BIGipServer", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None |         retval |= re.search(r"BigIP|BIGipServer", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None | ||||||
|         retval |= re.search(r"BigIP|BIGipServer", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None |         retval |= re.search(r"BigIP|BIGipServer", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None | ||||||
|         retval |= re.search(r"\AF5\Z", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None |         retval |= re.search(r"\AF5\Z", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None | ||||||
|  |  | ||||||
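Review bot: Replacing `[a-zA-Z0-9]{4,}` with `\w{4,}` in the `TS…=` cookie check is not a pure simplification: `\w` also matches `_` (and more under Unicode matching), so cookie names the old pattern rejected now count as a BIG-IP indicator. If only the redundant case range was meant to go, as in the kona.py change, `r"\ATS[a-z0-9]{4,}="` with the existing `re.I` keeps the original match set. detect() starts and ends outside the hunk.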
|  | @ -17,7 +17,7 @@ def detect(get_page): | ||||||
| 
 | 
 | ||||||
|     for vector in WAF_ATTACK_VECTORS: |     for vector in WAF_ATTACK_VECTORS: | ||||||
|         page, headers, code = get_page(get=vector) |         page, headers, code = get_page(get=vector) | ||||||
|         retval = code in (400, 403, 501) and re.search(r"Reference #[0-9A-Fa-f.]+", page or "", re.I) is not None |         retval = code in (400, 403, 501) and re.search(r"Reference #[0-9a-f.]+", page or "", re.I) is not None | ||||||
|         retval |= re.search(r"AkamaiGHost", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None |         retval |= re.search(r"AkamaiGHost", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None | ||||||
|         if retval: |         if retval: | ||||||
|             break |             break | ||||||
|  |  | ||||||