Update related to the #2806

2025-10-31 07:57:47 +03:00 · 2017-11-27 22:24:44 +01:00 · 2017-11-27 22:24:44 +01:00 · 5899fd5ef2
commit 5899fd5ef2
parent f60727a891
3 changed files with 5 additions and 4 deletions
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.1.11.38"
+VERSION = "1.1.11.39"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@ -46,7 +46,7 @@ e1c000db9be27f973569b1a430629037  lib/core/option.py
 760d9df2a27ded29109b390ab202e72d  lib/core/replication.py
 a2466b62e67f8b31736bac4dac590e51  lib/core/revision.py
 02d4762140a72fd44668d3dab5eabda9  lib/core/session.py
-71199d4a6f86e6c1bf6da24a41a9c1b7  lib/core/settings.py
+d61f9cea6f98ad14a6ffda2319a67a6d  lib/core/settings.py
 35bffbad762eb9e03db9e93b1c991103  lib/core/shell.py
 a59ec28371ae067a6fdd8f810edbee3d  lib/core/subprocessng.py
 d5a04d672a18f78deb2839c3745ff83c  lib/core/target.py
@ -392,7 +392,7 @@ ca3ab78d6ed53b7f2c07ed2530d47efd  udf/postgresql/windows/32/8.4/lib_postgresqlud
 58faaa04de90a44c306e862bbbe0ed83  waf/aws.py
 2347b494b91dc50d93d1437e1302f9f1  waf/baidu.py
 72fd38a1fa212fb154f74d0c978d489a  waf/barracuda.py
-02aa8b095f7fabd439a3afda0430ca84  waf/bigip.py
+5c55654a7611e767dd2be797716e2d75  waf/bigip.py
 5430f2a681071e894fa3c152eebf68e4  waf/binarysec.py
 2ce52bac62825acd4456817af6f10b14  waf/blockdos.py
 fe60962fc1d80e557b1d602fbe4934dc  waf/ciscoacexml.py
--- a/waf/bigip.py
+++ b/waf/bigip.py
@ -16,13 +16,14 @@ def detect(get_page):
    retval = False

    for vector in WAF_ATTACK_VECTORS:
-        _, headers, _ = get_page(get=vector)
+        _, headers, code = get_page(get=vector)
        retval = headers.get("X-Cnection", "").lower() == "close"
        retval |= headers.get("X-WA-Info") is not None
        retval |= re.search(r"\ATS\w{4,}=", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None
        retval |= re.search(r"BigIP|BIGipServer", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None
        retval |= re.search(r"BigIP|BIGipServer", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
        retval |= re.search(r"\AF5\Z", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
+        retval &= code >= 400
        if retval:
            break