mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-07-29 01:19:47 +03:00
Update luanginxwafbypass.py
This commit is contained in:
parent
c70818bfc7
commit
15a77ef3e9
|
@ -12,7 +12,8 @@ Open Data Security (@ODSops) [https://ods.es]
|
||||||
PoC: https://www.youtube.com/watch?v=JUvro7cqidY
|
PoC: https://www.youtube.com/watch?v=JUvro7cqidY
|
||||||
Vulnerability information: https://opendatasecurity.io/cloudflare-vulnerability-allows-waf-be-disabled/
|
Vulnerability information: https://opendatasecurity.io/cloudflare-vulnerability-allows-waf-be-disabled/
|
||||||
|
|
||||||
Example: sqlmap -r file.txt --tamper=luanginxwafbypass.py --dbs --skip-urlencode
|
Example: sqlmap -r file.txt --tamper=luanginxwafbypass.py --dbs --skip-urlencode -p vulnparameter
|
||||||
|
Required options: --skip-urlencode, -p
|
||||||
'''
|
'''
|
||||||
|
|
||||||
import sys
|
import sys
|
||||||
|
@ -32,8 +33,6 @@ def tamper(payload, **kwargs):
|
||||||
try:
|
try:
|
||||||
headers = kwargs.get("headers", {})
|
headers = kwargs.get("headers", {})
|
||||||
randomParameter = randomParameterGenerator()
|
randomParameter = randomParameterGenerator()
|
||||||
|
|
||||||
''' Get parameter name to test '''
|
|
||||||
parameter = conf["testParameter"][0]
|
parameter = conf["testParameter"][0]
|
||||||
|
|
||||||
if not parameter:
|
if not parameter:
|
||||||
|
|
Loading…
Reference in New Issue
Block a user