sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-03 05:04:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adding WAF script for SecureIIS

Browse Source
This commit is contained in:
Miroslav Stampar 2013-02-21 21:34:26 +01:00
parent c555120c1f
commit 6acb2480b8
3 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/decorators.py
View File

@ -13,7 +13,7 @@ def cachedmethod(f, cache={}):
""" """
def _(*args, **kwargs): def _(*args, **kwargs):
key = (f, tuple(args), frozenset(kwargs.items())) key = (f, tuple(args), str(kwargs))
if key not in cache: if key not in cache:
cache[key] = f(*args, **kwargs) cache[key] = f(*args, **kwargs)
return cache[key] return cache[key]

1
lib/core/enums.py
View File

@ -152,6 +152,7 @@ class HTTPHEADER:
REFERER = "Referer" REFERER = "Referer"
SERVER = "Server" SERVER = "Server"
USER_AGENT = "User-Agent" USER_AGENT = "User-Agent"
TRANSFER_ENCODING = "Transfer-Encoding"
class EXPECTED: class EXPECTED:
BOOL = "bool" BOOL = "bool"

19
waf/secureiis.py Normal file
View File

@ -0,0 +1,19 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2013 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
import re
from lib.core.enums import HTTPHEADER
__product__ = "SecureIIS Web Server Security (BeyondTrust)"
def detect(get_page):
page, headers, code = get_page()
retval = code != 404
page, headers, code = get_page(auxHeaders={HTTPHEADER.TRANSFER_ENCODING: 'a' * 1025, HTTPHEADER.ACCEPT_ENCODING: "identity"})
retval = retval and code == 404
return retval