Adding some friendly warning messages (regarding blocking)

2025-01-23 15:54:24 +03:00 · 2014-12-03 10:06:21 +01:00 · 2014-12-03 10:06:21 +01:00 · 17db587e2c
commit 17db587e2c
parent 821e4bf507
3 changed files with 15 additions and 1 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -2832,6 +2832,10 @@ def showHttpErrorCodes():
          if code in httplib.responses else '?', count) \
          for code, count in kb.httpErrorCodes.items())
        logger.warn(warnMsg)
+        if any(str(_).startswith('4') or str(_).startswith('5') for _ in kb.httpErrorCodes.keys()):
+            msg = "too many 4xx and/or 5xx HTTP error codes "
+            msg += "usually means that some kind of protection is involved (e.g. WAF)"
+            logger.warn(msg)

 def openFile(filename, mode='r', encoding=UNICODE_ENCODING, errors="replace"):
    """
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -79,6 +79,9 @@ TEXT_TAG_REGEX = r"(?si)<(abbr|acronym|b|blockquote|br|center|cite|code|dt|em|fo
 # Regular expression used for recognition of IP addresses
 IP_ADDRESS_REGEX = r"\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b"

+# Regular expression used for recognition of generic "your ip has been blocked" messages
+BLOCKED_IP_REGEX = r"(?i)(\A|\b)ip\b.*\b(banned|blocked|block list|firewall)"
+
 # Dumping characters used in GROUP_CONCAT MySQL technique
 CONCAT_ROW_DELIMITER = ','
 CONCAT_VALUE_DELIMITER = '|'
@ -541,7 +544,7 @@ VALID_TIME_CHARS_RUN_THRESHOLD = 100
 CHECK_ZERO_COLUMNS_THRESHOLD = 10

 # Boldify all logger messages containing these "patterns"
-BOLD_PATTERNS = ("' injectable", "might be injectable", "' is vulnerable", "is not injectable", "test failed", "test passed", "live test final result", "test shows that", "the back-end DBMS is", "created Github")
+BOLD_PATTERNS = ("' injectable", "might be injectable", "' is vulnerable", "is not injectable", "test failed", "test passed", "live test final result", "test shows that", "the back-end DBMS is", "created Github", "blocked by the target server", "protection is involved")

 # Generic www root directory names
 GENERIC_DOC_ROOT_DIRECTORY_NAMES = ("htdocs", "httpdocs", "public", "wwwroot", "www")
--- a/lib/request/basic.py
+++ b/lib/request/basic.py
@ -27,6 +27,7 @@ from lib.core.data import logger
 from lib.core.enums import HTTP_HEADER
 from lib.core.enums import PLACE
 from lib.core.exception import SqlmapCompressionException
+from lib.core.settings import BLOCKED_IP_REGEX
 from lib.core.settings import DEFAULT_COOKIE_DELIMITER
 from lib.core.settings import EVENTVALIDATION_REGEX
 from lib.core.settings import MAX_CONNECTION_TOTAL_SIZE
@ -305,6 +306,8 @@ def decodePage(page, contentEncoding, contentType):
 def processResponse(page, responseHeaders):
    kb.processResponseCounter += 1

+    page = page or ""
+
    parseResponse(page, responseHeaders if kb.processResponseCounter < PARSE_HEADERS_LIMIT else None)

    if conf.parseErrors:
@ -323,3 +326,7 @@ def processResponse(page, responseHeaders):
                        continue
                    conf.paramDict[PLACE.POST][name] = value
                conf.parameters[PLACE.POST] = re.sub("(?i)(%s=)[^&]+" % name, r"\g<1>%s" % value, conf.parameters[PLACE.POST])
+
+    if re.search(BLOCKED_IP_REGEX, page):
+        errMsg = "it appears that you have been blocked by the target server"
+        singleTimeLogMessage(errMsg, logging.ERROR)