From 2e9bf477030cd4332a32bee7a5b39c3cdb61afff Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Fri, 30 Jan 2015 22:12:35 +0100
Subject: [PATCH] Heuristic check for WAF/IDS/IPS is now prone to tamper
 functions (Issue #1145)

---
 lib/controller/checks.py | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 5e93c6256..589ed8a86 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -1101,22 +1101,17 @@ def checkWaf():
     logger.debug(dbmMsg)
 
     retVal = False
-    backup = dict(conf.parameters)
     payload = "%d %s" % (randomInt(), IDS_WAF_CHECK_PAYLOAD)
 
-    conf.parameters = dict(backup)
-    conf.parameters[PLACE.GET] = "" if not conf.parameters.get(PLACE.GET) else conf.parameters[PLACE.GET] + DEFAULT_GET_POST_DELIMITER
-    conf.parameters[PLACE.GET] += "%s=%s" % (randomStr(), payload)
-
-    logger.log(CUSTOM_LOGGING.PAYLOAD, payload)
+    value = "" if not conf.parameters.get(PLACE.GET) else conf.parameters[PLACE.GET] + DEFAULT_GET_POST_DELIMITER
+    value += agent.addPayloadDelimiters("%s=%s" % (randomStr(), payload))
 
     try:
-        retVal = Request.queryPage(getRatioValue=True, noteResponseTime=False, silent=True)[1] < IDS_WAF_CHECK_RATIO
+        retVal = Request.queryPage(place=PLACE.GET, value=value, getRatioValue=True, noteResponseTime=False, silent=True)[1] < IDS_WAF_CHECK_RATIO
     except SqlmapConnectionException:
         retVal = True
     finally:
         kb.matchRatio = None
-        conf.parameters = dict(backup)
 
     if retVal:
         warnMsg = "heuristics detected that the target "