sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-10-31 07:57:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

Heuristic check for WAF/IDS/IPS is now prone to tamper functions (Issue #1145)

Browse Source
This commit is contained in:
Miroslav Stampar 2015-01-30 22:12:35 +01:00
parent 9e90e357cf
commit 2e9bf47703
1 changed files with 3 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lib/controller/checks.py
View File

@ -1101,22 +1101,17 @@ def checkWaf():
logger.debug(dbmMsg) logger.debug(dbmMsg)
retVal = False retVal = False
backup = dict(conf.parameters)
payload = "%d %s" % (randomInt(), IDS_WAF_CHECK_PAYLOAD) payload = "%d %s" % (randomInt(), IDS_WAF_CHECK_PAYLOAD)
conf.parameters = dict(backup) value = "" if not conf.parameters.get(PLACE.GET) else conf.parameters[PLACE.GET] + DEFAULT_GET_POST_DELIMITER
conf.parameters[PLACE.GET] = "" if not conf.parameters.get(PLACE.GET) else conf.parameters[PLACE.GET] + DEFAULT_GET_POST_DELIMITER value += agent.addPayloadDelimiters("%s=%s" % (randomStr(), payload))
conf.parameters[PLACE.GET] += "%s=%s" % (randomStr(), payload)
logger.log(CUSTOM_LOGGING.PAYLOAD, payload)
try: try:
retVal = Request.queryPage(getRatioValue=True, noteResponseTime=False, silent=True)[1] < IDS_WAF_CHECK_RATIO retVal = Request.queryPage(place=PLACE.GET, value=value, getRatioValue=True, noteResponseTime=False, silent=True)[1] < IDS_WAF_CHECK_RATIO
except SqlmapConnectionException: except SqlmapConnectionException:
retVal = True retVal = True
finally: finally:
kb.matchRatio = None kb.matchRatio = None
conf.parameters = dict(backup)
if retVal: if retVal:
warnMsg = "heuristics detected that the target " warnMsg = "heuristics detected that the target "