Adding waf script for detection of generic/unknown

Miroslav Stampar 2016-05-27 16:34:41 +02:00
parent f9d01f682b
commit 69fd900108
5 changed files with 35 additions and 3 deletions


@ -1292,7 +1292,7 @@ def identifyWaf():
break break
if retVal: if retVal:
errMsg = "WAF/IDS/IPS identified '%s'. Please " % retVal errMsg = "WAF/IDS/IPS identified as '%s'. Please " % retVal
errMsg += "consider usage of tamper scripts (option '--tamper')" errMsg += "consider usage of tamper scripts (option '--tamper')"
logger.critical(errMsg) logger.critical(errMsg)


@ -998,6 +998,8 @@ def _setWafFunctions():
else: else:
kb.wafFunctions.append((_["detect"], _.get("__product__", filename[:-3]))) kb.wafFunctions.append((_["detect"], _.get("__product__", filename[:-3])))
kb.wafFunctions = sorted(kb.wafFunctions, key=lambda _: "generic" in _[1].lower())
def _setThreads(): def _setThreads():
if not isinstance(conf.threads, int) or conf.threads <= 0: if not isinstance(conf.threads, int) or conf.threads <= 0:
conf.threads = 1 conf.threads = 1
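Review bot: The added `sorted(...)` line in `_setWafFunctions` has no comment explaining its purpose, and the intent is easy to miss. The boolean key relies on `sorted()` being stable, so entries whose product name contains "generic" move to the end while the rest keep their load order. I would put `# run the catch-all "generic" script last so product-specific scripts get the first chance to match` above it. The test is a substring match on the display name, so any other script whose `__product__` happens to contain "generic" would be pushed back as well. The lambda also reuses `_`, which the line above uses for the loaded module, so a distinct parameter name would read more clearly. The function body starts outside the hunk.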


@ -19,7 +19,7 @@ from lib.core.enums import OS
from lib.core.revision import getRevisionNumber from lib.core.revision import getRevisionNumber
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.0.5.91" VERSION = "1.0.5.93"
REVISION = getRevisionNumber() REVISION = getRevisionNumber()
STABLE = VERSION.count('.') <= 2 STABLE = VERSION.count('.') <= 2
VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev") VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev")


@ -18,10 +18,12 @@ def detect(get_page):
for vector in WAF_ATTACK_VECTORS: for vector in WAF_ATTACK_VECTORS:
page, headers, code = get_page(get=vector) page, headers, code = get_page(get=vector)
retval = re.search(r"cloudflare-nginx", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None retval = re.search(r"cloudflare-nginx", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
if code > 400:
if code >= 400:
retval |= re.search(r"\A__cfduid=", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None retval |= re.search(r"\A__cfduid=", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None
retval |= headers.get("cf-ray") is not None retval |= headers.get("cf-ray") is not None
retval |= re.search(r"CloudFlare Ray ID:|var CloudFlare=", page or "") is not None retval |= re.search(r"CloudFlare Ray ID:|var CloudFlare=", page or "") is not None
if retval: if retval:
break break

28
waf/generic.py Normal file

@ -0,0 +1,28 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2016 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
import re
from lib.core.settings import WAF_ATTACK_VECTORS
__product__ = "Generic (Unknown)"
def detect(get_page):
retval = False
page, _, code = get_page()
if page is None or code >= 400:
return False
for vector in WAF_ATTACK_VECTORS:
page, _, code = get_page(get=vector)
if code >= 400:
retval = True
break
return retval
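Review bot: `import re` in the new waf/generic.py is never used and can be dropped, and the `page` bound inside the loop is also unused, so `_, _, code = get_page(get=vector)` would be clearer. `detect()` has no docstring. It should state that the function makes one baseline request, returns False if that request yields no page or a status of 400 or above, and otherwise returns True as soon as any `WAF_ATTACK_VECTORS` request answers with 400 or above. Because the verdict rests on the status code alone, an application that answers malformed parameters with its own 4xx/5xx will be reported as "Generic (Unknown)", which is worth recording as a known limitation. `code` is compared with `>=` without a None check; whether `get_page` can return None for it is not visible here, so this should be confirmed.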