diff --git a/lib/controller/checks.py b/lib/controller/checks.py index a62d61e03..5546b73b4 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -25,6 +25,8 @@ from lib.core.common import getPublicTypeMembers from lib.core.common import getSafeExString from lib.core.common import getSortedInjectionTests from lib.core.common import getUnicode +from lib.core.common import hashDBRetrieve +from lib.core.common import hashDBWrite from lib.core.common import intersect from lib.core.common import listToStrValue from lib.core.common import parseFilePaths @@ -48,6 +50,7 @@ from lib.core.datatype import InjectionDict from lib.core.decorators import cachedmethod from lib.core.dicts import FROM_DUMMY_TABLE from lib.core.enums import DBMS +from lib.core.enums import HASHDB_KEYS from lib.core.enums import HEURISTIC_TEST from lib.core.enums import HTTP_HEADER from lib.core.enums import HTTPMETHOD @@ -1155,6 +1158,14 @@ def checkWaf(): if any((conf.string, conf.notString, conf.regexp, conf.dummy, conf.offline, conf.skipWaf)): return None + _ = hashDBRetrieve(HASHDB_KEYS.CHECK_WAF_RESULT, True) + if _ is not None: + if _: + warnMsg = "previous heuristics detected that the target " + warnMsg += "is protected by some kind of WAF/IPS/IDS" + logger.critical(warnMsg) + return _ + infoMsg = "checking if the target is protected by " infoMsg += "some kind of WAF/IPS/IDS" logger.info(infoMsg) @@ -1193,6 +1204,8 @@ def checkWaf(): logger.warning("dropping timeout to %d seconds (i.e. '--timeout=%d')" % (IDS_WAF_CHECK_TIMEOUT, IDS_WAF_CHECK_TIMEOUT)) conf.timeout = IDS_WAF_CHECK_TIMEOUT + hashDBWrite(HASHDB_KEYS.CHECK_WAF_RESULT, retVal, True) + return retVal def identifyWaf(): diff --git a/lib/core/enums.py b/lib/core/enums.py index 78b6f62fd..1bb4fcbbf 100644 --- a/lib/core/enums.py +++ b/lib/core/enums.py @@ -194,6 +194,7 @@ class OPTION_TYPE: class HASHDB_KEYS: DBMS = "DBMS" + CHECK_WAF_RESULT = "CHECK_WAF_RESULT" CONF_TMP_PATH = "CONF_TMP_PATH" KB_ABS_FILE_PATHS = "KB_ABS_FILE_PATHS" KB_BRUTE_COLUMNS = "KB_BRUTE_COLUMNS"