From 241c6b02f08386de649614594b64a8ace139c37c Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Thu, 10 Jan 2019 13:23:34 +0100 Subject: [PATCH] Update of distil WAF script --- lib/core/settings.py | 2 +- txt/checksum.md5 | 4 ++-- waf/distil.py | 3 ++- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index 7c609aada..a8b09b84a 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME from lib.core.enums import OS # sqlmap version (...) -VERSION = "1.3.1.31" +VERSION = "1.3.1.32" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/txt/checksum.md5 b/txt/checksum.md5 index c3ee2b00a..83f6073c6 100644 --- a/txt/checksum.md5 +++ b/txt/checksum.md5 @@ -49,7 +49,7 @@ fe370021c6bc99daf44b2bfc0d1effb3 lib/core/patch.py 9a7d68d5fa01561500423791f15cc676 lib/core/replication.py 3179d34f371e0295dd4604568fb30bcd lib/core/revision.py d6269c55789f78cf707e09a0f5b45443 lib/core/session.py -897466b2b34e13e9013d6ad0e15f1c09 lib/core/settings.py +00af73cfc49989f912a14303f0555eb2 lib/core/settings.py a8a7501d1e6b21669b858a62e921d191 lib/core/shell.py 5dc606fdf0afefd4b305169c21ab2612 lib/core/subprocessng.py eec3080ba5baca44c6de4595f1c92a0d lib/core/target.py @@ -418,7 +418,7 @@ b2331b1b17cf0fad5ac0d991d1efdfa0 waf/cloudfront.py 847ee97f6e0f8aeec61afd3e0c91543b waf/comodo.py 4ed76fdf2add2405bb6157ac025e01b9 waf/crawlprotect.py e49bb75985f60556b4481dc085f3c62b waf/denyall.py -dbe50bbcb1b4664d6cebfcca63e75125 waf/distil.py +4254527ec80588f5289f56c7b52c4b30 waf/distil.py 886c6502a6a2aae49921efed8d439f7b waf/dotdefender.py a8412619d7f26ed6bc9e0b20a57b2324 waf/edgecast.py b65877b412a4c648aa442116ef94e2af waf/expressionengine.py diff --git a/waf/distil.py b/waf/distil.py index 4747e1729..e82093864 100644 --- a/waf/distil.py +++ b/waf/distil.py @@ -13,8 +13,9 @@ def detect(get_page): retval = False for vector in WAF_ATTACK_VECTORS: - _, headers, _ = get_page(get=vector) + page, headers, _ = get_page(get=vector) retval = headers.get("x-distil-cs") is not None + retval |= any(_ in (page or "") for _ in ("distilCaptchaForm", "distilCallbackGuard", "cdn.distilnetworks.com/images/anomaly-detected.png")) if retval: break