diff --git a/lib/core/common.py b/lib/core/common.py
index 04503433c..eac6f812c 100755
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -2832,6 +2832,10 @@ def showHttpErrorCodes():
 if code in httplib.responses else '?', count) \
 for code, count in kb.httpErrorCodes.items())
 logger.warn(warnMsg)
+ if any(str(_).startswith('4') or str(_).startswith('5') for _ in kb.httpErrorCodes.keys()):
+ msg = "too many 4xx and/or 5xx HTTP error codes "
+ msg += "usually means that some kind of protection is involved (e.g. WAF)"
+ logger.warn(msg)
 def openFile(filename, mode='r', encoding=UNICODE_ENCODING, errors="replace"):
 """
diff --git a/lib/core/settings.py b/lib/core/settings.py
index 63929d00d..002bec0ad 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -79,6 +79,9 @@ TEXT_TAG_REGEX = r"(?si)<(abbr|acronym|b|blockquote|br|center|cite|code|dt|em|fo
 # Regular expression used for recognition of IP addresses
 IP_ADDRESS_REGEX = r"\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b"
+# Regular expression used for recognition of generic "your ip has been blocked" messages
+BLOCKED_IP_REGEX = r"(?i)(\A|\b)ip\b.*\b(banned|blocked|block list|firewall)"
+
 # Dumping characters used in GROUP_CONCAT MySQL technique
 CONCAT_ROW_DELIMITER = ','
 CONCAT_VALUE_DELIMITER = '|'
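Review bot: The check added to showHttpErrorCodes in lib/core/common.py fires as soon as a single 4xx or 5xx code has been seen, although its message speaks of "too many" such codes, so one stray 404 or 500 is enough to print the protection warning. The per-code counts are already iterated two lines above via `kb.httpErrorCodes.items()`, so the condition could sum them and compare against a limit, e.g. `if sum(count for code, count in kb.httpErrorCodes.items() if str(code)[:1] in ("4", "5")) > LIMIT:`, where `LIMIT` is a placeholder for a threshold the project would have to choose. If the any() form stays, `str(_).startswith(('4', '5'))` expresses the same test in one call and `.keys()` can be dropped. The function starts outside the hunk, so the enclosing condition is not visible here.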
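Review bot: BLOCKED_IP_REGEX in lib/core/settings.py is broad enough to match ordinary page content: any line where the word "ip" is followed, at any distance, by "banned", "blocked", "block list" or "firewall" is treated as a block notice. Bounding the gap would cut false positives and also the rescanning that `.*` causes on long single-line bodies, e.g. `r"(?i)\bip\b.{0,100}\b(banned|blocked|block list|firewall)"`; the 100 is an illustrative bound, not a measured one. `(\A|\b)` reduces to `\b`, which already matches at the start of the string before a word character. The comment above the constant could also state that the match is a heuristic on page text.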
@@ -541,7 +544,7 @@ VALID_TIME_CHARS_RUN_THRESHOLD = 100
 CHECK_ZERO_COLUMNS_THRESHOLD = 10
 # Boldify all logger messages containing these "patterns"
-BOLD_PATTERNS = ("' injectable", "might be injectable", "' is vulnerable", "is not injectable", "test failed", "test passed", "live test final result", "test shows that", "the back-end DBMS is", "created Github")
+BOLD_PATTERNS = ("' injectable", "might be injectable", "' is vulnerable", "is not injectable", "test failed", "test passed", "live test final result", "test shows that", "the back-end DBMS is", "created Github", "blocked by the target server", "protection is involved")
 # Generic www root directory names
 GENERIC_DOC_ROOT_DIRECTORY_NAMES = ("htdocs", "httpdocs", "public", "wwwroot", "www")
diff --git a/lib/request/basic.py b/lib/request/basic.py
index 25e6a093a..d89ab5b29 100755
--- a/lib/request/basic.py
+++ b/lib/request/basic.py
@@ -27,6 +27,7 @@ from lib.core.data import logger
 from lib.core.enums import HTTP_HEADER
 from lib.core.enums import PLACE
 from lib.core.exception import SqlmapCompressionException
+from lib.core.settings import BLOCKED_IP_REGEX
 from lib.core.settings import DEFAULT_COOKIE_DELIMITER
 from lib.core.settings import EVENTVALIDATION_REGEX
 from lib.core.settings import MAX_CONNECTION_TOTAL_SIZE
@@ -305,6 +306,8 @@ def decodePage(page, contentEncoding, contentType):
 def processResponse(page, responseHeaders):
 kb.processResponseCounter += 1
+ page = page or ""
+
 parseResponse(page, responseHeaders if kb.processResponseCounter < PARSE_HEADERS_LIMIT else None)
 if conf.parseErrors:
@@ -323,3 +326,7 @@ def processResponse(page, responseHeaders):
 continue
 conf.paramDict[PLACE.POST][name] = value
 conf.parameters[PLACE.POST] = re.sub("(?i)(%s=)[^&]+" % name, r"\g<1>%s" % value, conf.parameters[PLACE.POST])
+
+ if re.search(BLOCKED_IP_REGEX, page):
+ errMsg = "it appears that you have been blocked by the target server"
+ singleTimeLogMessage(errMsg, logging.ERROR)
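Review bot: `page = page or ""` at the top of processResponse (hunk at -305) also changes what parseResponse receives on the following line: an empty string where it previously got None or another falsy value. parseResponse is not visible in this diff, so it should be confirmed that it does not treat None differently from "". If the normalisation exists only for the regex search added at the end of the function, a comment such as `# normalise a missing body so the regex checks below always get a string` would say so. The function continues outside the hunk.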
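Review bot: The block added at the end of processResponse (hunk at -323) uses `logging.ERROR` and `singleTimeLogMessage`, while the import hunk for lib/request/basic.py adds only BLOCKED_IP_REGEX; unless both names are already imported in the part of the file not shown, the first matching response raises NameError instead of logging. The search also runs over the full body of every response, including content the target serves normally, so the ERROR-level message is a guess from page text; a comment like `# heuristic: page text resembling an IP block notice, reported once` would make that clear to maintainers. Indentation was lost on this page, so it cannot be told whether the check sits at function level or inside the preceding loop; it presumably belongs at function level so that responses skipping the loop are still checked.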