diff --git a/lib/core/settings.py b/lib/core/settings.py index c83c9aa29..ad9627b2d 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.5.115" +VERSION = "1.0.5.116" REVISION = getRevisionNumber() STABLE = VERSION.count('.') <= 2 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") @@ -463,7 +463,7 @@ BRUTE_TABLE_EXISTS_TEMPLATE = "EXISTS(SELECT %d FROM %s)" BRUTE_COLUMN_EXISTS_TEMPLATE = "EXISTS(SELECT %s FROM %s)" # Payload used for checking of existence of IDS/WAF (dummier the better) -IDS_WAF_CHECK_PAYLOAD = "AND 1=1 UNION ALL SELECT 1,2,'',table_name FROM information_schema.tables WHERE 2>1--/**/../../../etc/passwd" # Data inside shellcodeexec to be filled with random string SHELLCODEEXEC_RANDOM_STRING_MARKER = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" diff --git a/waf/generic.py b/waf/generic.py index f86a03e42..898ab0484 100644 --- a/waf/generic.py +++ b/waf/generic.py @@ -7,6 +7,7 @@ See the file 'doc/COPYING' for copying permission import re +from lib.core.settings import IDS_WAF_CHECK_PAYLOAD from lib.core.settings import WAF_ATTACK_VECTORS __product__ = "Generic (Unknown)" @@ -21,7 +22,7 @@ def detect(get_page): for vector in WAF_ATTACK_VECTORS: page, _, code = get_page(get=vector) - if code >= 400: + if code >= 400 or IDS_WAF_CHECK_PAYLOAD in vector and code is None: retval = True break
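Review bot: In `detect` (waf/generic.py), the new condition still evaluates `code >= 400` before the `code is None` test, so a missing status code is compared with an integer first. That is silently False on Python 2 but raises TypeError on Python 3, and the `or`/`and` mix relies on operator precedence with no parentheses. Writing it as `if (code is not None and code >= 400) or (code is None and IDS_WAF_CHECK_PAYLOAD in vector):` keeps the same decision and makes the grouping explicit. A missing status code presumably also results from ordinary timeouts or connection resets (`get_page` is not visible here), so a comment should state why it counts as evidence only for the vector carrying the payload, e.g. `# no HTTP response to the noisiest vector is taken as the connection being dropped by an IDS/WAF`. The body of `detect` begins and ends outside this hunk.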