From 42b0edca6dcfaf852d6d303e3411c47efa4ba885 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Sat, 19 May 2018 12:35:39 +0200 Subject: [PATCH] Fixes #3109 --- lib/core/settings.py | 2 +- txt/checksum.md5 | 4 ++-- waf/modsecurity.py | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index 57015d407..cecc8f301 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME from lib.core.enums import OS # sqlmap version (...) -VERSION = "1.2.5.12" +VERSION = "1.2.5.13" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/txt/checksum.md5 b/txt/checksum.md5 index b77d3e04a..c97b8d478 100644 --- a/txt/checksum.md5 +++ b/txt/checksum.md5 @@ -47,7 +47,7 @@ c9a56e58984420a5abb7a3f7aadc196d lib/core/optiondict.py 0c3eef46bdbf87e29a3f95f90240d192 lib/core/replication.py a7db43859b61569b601b97f187dd31c5 lib/core/revision.py fcb74fcc9577523524659ec49e2e964b lib/core/session.py -28b7ef08849aa6d4f652a9d1c58ca8f2 lib/core/settings.py +d9c4c537aef395bbcf182a7f57bb510f lib/core/settings.py 0dfc2ed40adf72e302291f6ecd4406f6 lib/core/shell.py a7edc9250d13af36ac0108f259859c19 lib/core/subprocessng.py 6306284edcccc185b2df085438572b0d lib/core/target.py @@ -417,7 +417,7 @@ eb56ac34775cc3c5f721ec967d04b283 waf/generic.py 5a5c9452b9779bf39c208ebe26c98fdb waf/jiasule.py 898f53c12133da3e946301f4aa97d538 waf/knownsec.py 81e6bf619c7bb73c4b62e2439e60e95a waf/kona.py -4906ab7bea7f6715f5796933f1a89381 waf/modsecurity.py +b17a154fe7959619eaafffa60e14199f waf/modsecurity.py d09a50713daf3c0a2594ed4f50c57adb waf/naxsi.py bf573d01d56e585f4ad57132bc594934 waf/netcontinuum.py cb2f1516867684042f580e02138463de waf/netscaler.py diff --git a/waf/modsecurity.py b/waf/modsecurity.py index d6d0ecbef..6b13043ef 100644 --- a/waf/modsecurity.py +++ b/waf/modsecurity.py @@ -18,7 +18,7 @@ def detect(get_page): for vector in WAF_ATTACK_VECTORS: page, headers, code = get_page(get=vector) retval = re.search(r"Mod_Security|NOYB", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None - retval |= "This error was generated by Mod_Security" in (page or "") + retval |= any(_ in (page or "") for _ in ("This error was generated by Mod_Security", "One or more things in your request were suspicious", "rules of the mod_security module")) if retval: break