mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 11:03:47 +03:00
Update for an Issue #760
This commit is contained in:
parent
33b6d189cd
commit
32af0b17b0
|
@ -621,6 +621,9 @@ class Connect(object):
|
|||
if not place:
|
||||
place = kb.injection.place or PLACE.GET
|
||||
|
||||
if not auxHeaders:
|
||||
auxHeaders = {}
|
||||
|
||||
raise404 = place != PLACE.URI if raise404 is None else raise404
|
||||
|
||||
value = agent.adjustLateValues(value)
|
||||
|
@ -735,8 +738,6 @@ class Connect(object):
|
|||
uri = conf.url
|
||||
|
||||
if value and place == PLACE.CUSTOM_HEADER:
|
||||
if not auxHeaders:
|
||||
auxHeaders = {}
|
||||
auxHeaders[value.split(',')[0]] = value.split(',', 1)[1]
|
||||
|
||||
if conf.rParam:
|
||||
|
@ -873,9 +874,6 @@ class Connect(object):
|
|||
if kb.nullConnection == NULLCONNECTION.HEAD:
|
||||
method = HTTPMETHOD.HEAD
|
||||
elif kb.nullConnection == NULLCONNECTION.RANGE:
|
||||
if not auxHeaders:
|
||||
auxHeaders = {}
|
||||
|
||||
auxHeaders[HTTP_HEADER.RANGE] = "bytes=-1"
|
||||
|
||||
_, headers, code = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, referer=referer, host=host, silent=silent, method=method, auxHeaders=auxHeaders, raise404=raise404, skipRead=(kb.nullConnection == NULLCONNECTION.SKIP_READ))
|
||||
|
|
33
tamper/varnish.py
Normal file
33
tamper/varnish.py
Normal file
|
@ -0,0 +1,33 @@
|
|||
#!/usr/bin/env python
|
||||
|
||||
"""
|
||||
Copyright (c) 2006-2014 sqlmap developers (http://sqlmap.org/)
|
||||
See the file 'doc/COPYING' for copying permission
|
||||
"""
|
||||
|
||||
from lib.core.enums import PRIORITY
|
||||
|
||||
__priority__ = PRIORITY.NORMAL
|
||||
|
||||
def dependencies():
|
||||
pass
|
||||
|
||||
def tamper(payload, **kwargs):
|
||||
"""
|
||||
Append a HTTP Request Parameter to ByPass
|
||||
WAF Protection of Varnish Firewall.
|
||||
|
||||
You can tamper with different Parameters, like:
|
||||
>> X-forwarded-for: TARGET_CACHESERVER_IP (184.189.250.X)
|
||||
>> X-remote-IP: TARGET_PROXY_IP (184.189.250.X)
|
||||
>> X-originating-IP: TARGET_LOCAL_IP (127.0.0.1)
|
||||
>> x-remote-addr: TARGET_INTERNALUSER_IP (192.168.1.X)
|
||||
>> X-remote-IP: * or %00 or %0A
|
||||
|
||||
http://h30499.www3.hp.com/t5/Fortify-Application-Security/Bypassing-web-application-firewalls-using-HTTP-headers/ba-p/6418366
|
||||
|
||||
"""
|
||||
|
||||
headers = kwargs.get("headers", {})
|
||||
headers["X-originating-IP"] = "127.0.0.1"
|
||||
return payload
|
Loading…
Reference in New Issue
Block a user