diff --git a/lib/core/settings.py b/lib/core/settings.py index 7f76428b3..275935833 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME from lib.core.enums import OS # sqlmap version (...) -VERSION = "1.3.2.10" +VERSION = "1.3.2.11" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/txt/checksum.md5 b/txt/checksum.md5 index 81723d47e..b7b9ba1ec 100644 --- a/txt/checksum.md5 +++ b/txt/checksum.md5 @@ -50,7 +50,7 @@ d5ef43fe3cdd6c2602d7db45651f9ceb lib/core/readlineng.py 7d8a22c582ad201f65b73225e4456170 lib/core/replication.py 3179d34f371e0295dd4604568fb30bcd lib/core/revision.py d6269c55789f78cf707e09a0f5b45443 lib/core/session.py -0a6a0426799dcb447311887b30fc498c lib/core/settings.py +cb31ee4773d12d0041a2fabb1bbc9291 lib/core/settings.py 4483b4a5b601d8f1c4281071dff21ecc lib/core/shell.py 10fd19b0716ed261e6d04f311f6f527c lib/core/subprocessng.py 43772ea73e9e3d446f782af591cb4eda lib/core/target.py @@ -473,6 +473,7 @@ ba0fb1e6b815446b9d6f30950900fc80 waf/trafficshield.py 67df54343a85fe053226e2a5483b2c64 waf/wallarm.py 114000c53115fa8f4dd9b1b9122ec32a waf/watchguard.py a7b8c4c3d1463409e0e204932f0ddff0 waf/webknight.py +053c6b1ea20133bd9f563f1275ddb5a4 waf/webseal.py ac9e4e3ced77012ed97284634a9ffc74 waf/wordfence.py e69f77220558564785f0b3c961782a93 waf/yundun.py a560bee3e948b97af2c88805933dcaad waf/yunsuo.py diff --git a/waf/ibm_webseal.py b/waf/webseal.py similarity index 52% rename from waf/ibm_webseal.py rename to waf/webseal.py index 220c13c39..4fa6ec2d3 100644 --- a/waf/ibm_webseal.py +++ b/waf/webseal.py @@ -10,15 +10,15 @@ import re from lib.core.enums import HTTP_HEADER from lib.core.settings import WAF_ATTACK_VECTORS -__product__ = "IBM Security Access Manager for Web WebSEAL." +__product__ = "WebSEAL (IBM)" def detect(get_page): retval = False for vector in WAF_ATTACK_VECTORS: - _, headers, _ = get_page(get=vector) - retval = re.search(r"WebSEAL/9.0.5.0", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None - retval |= "The Access Manager WebSEAL server received an invalid HTTP request." in (page or "") is not None + page, headers, _ = get_page(get=vector) + retval = re.search(r"WebSEAL", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None + retval |= any(_ in (page or "") for _ in ("This is a WebSEAL error message template file", "The Access Manager WebSEAL server received an invalid HTTP request")) if retval: break