sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-09 16:10:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update of ZENEDGE WAF script

Browse Source
This commit is contained in:
Miroslav Stampar 2018-08-30 15:56:13 +02:00
parent 62a3618353
commit 287371337d
3 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/settings.py
View File

@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
from lib.core.enums import OS from lib.core.enums import OS
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.2.8.27" VERSION = "1.2.8.28"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

4
txt/checksum.md5
View File

@ -50,7 +50,7 @@ c8c386d644d57c659d74542f5f57f632 lib/core/patch.py
0c3eef46bdbf87e29a3f95f90240d192 lib/core/replication.py 0c3eef46bdbf87e29a3f95f90240d192 lib/core/replication.py
a7db43859b61569b601b97f187dd31c5 lib/core/revision.py a7db43859b61569b601b97f187dd31c5 lib/core/revision.py
fcb74fcc9577523524659ec49e2e964b lib/core/session.py fcb74fcc9577523524659ec49e2e964b lib/core/session.py
fe3bc1dc84fcdfc26e552984f6c4b139 lib/core/settings.py 676dac9284820f0949ec1f63e8827c4b lib/core/settings.py
dd68a9d02fccb4fa1428b20e15b0db5d lib/core/shell.py dd68a9d02fccb4fa1428b20e15b0db5d lib/core/shell.py
a7edc9250d13af36ac0108f259859c19 lib/core/subprocessng.py a7edc9250d13af36ac0108f259859c19 lib/core/subprocessng.py
815d1cf27f0f8738d81531e73149867d lib/core/target.py 815d1cf27f0f8738d81531e73149867d lib/core/target.py
@ -457,7 +457,7 @@ f3a81da13ee098e94edd965ea4b37b04 waf/varnish.py
11a5c6b10ced11e505a74e36ee2503b3 waf/wordfence.py 11a5c6b10ced11e505a74e36ee2503b3 waf/wordfence.py
68e332530fab216d017ede506c3fec2f waf/yundun.py 68e332530fab216d017ede506c3fec2f waf/yundun.py
bea35ba732ccc9548e6c4023cea6832b waf/yunsuo.py bea35ba732ccc9548e6c4023cea6832b waf/yunsuo.py
705ac8663513c12150cb5623ef4a04fb waf/zenedge.py 47f8f6623841232a93c5229d6c1bebfe waf/zenedge.py
dc394c5b90ada0a5d5853b5ad1f7d56d xml/banner/generic.xml dc394c5b90ada0a5d5853b5ad1f7d56d xml/banner/generic.xml
d8925c034263bf1b83e7d8e1c78eec57 xml/banner/mssql.xml d8925c034263bf1b83e7d8e1c78eec57 xml/banner/mssql.xml
7b21aeb3ad66d7686eacd23a6346292c xml/banner/mysql.xml 7b21aeb3ad66d7686eacd23a6346292c xml/banner/mysql.xml

3
waf/zenedge.py
View File

@ -16,8 +16,9 @@ def detect(get_page):
retval = False retval = False
for vector in WAF_ATTACK_VECTORS: for vector in WAF_ATTACK_VECTORS:
_, headers, code = get_page(get=vector) page, headers, code = get_page(get=vector)
retval = code >= 400 and re.search(r"\AZENEDGE", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None retval = code >= 400 and re.search(r"\AZENEDGE", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
retval |= all(_ in (page or "") for _ in ("Your request has been blocked", "Incident ID", "/__zenedge/assets/"))
if retval: if retval:
break break