From 792ed52ab5eebf53db2e04ad4890bd6c6f6fe6bc Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Sun, 26 Nov 2017 12:06:23 +0100 Subject: [PATCH] New WAF scripts --- lib/core/settings.py | 2 +- txt/checksum.md5 | 4 +++- waf/watchguard.py | 24 ++++++++++++++++++++++++ waf/zenedge.py | 24 ++++++++++++++++++++++++ 4 files changed, 52 insertions(+), 2 deletions(-) create mode 100644 waf/watchguard.py create mode 100644 waf/zenedge.py diff --git a/lib/core/settings.py b/lib/core/settings.py index 3383253c0..2762556f7 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME from lib.core.enums import OS # sqlmap version (...) -VERSION = "1.1.11.36" +VERSION = "1.1.11.37" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/txt/checksum.md5 b/txt/checksum.md5 index 7d985f6c0..65233107f 100644 --- a/txt/checksum.md5 +++ b/txt/checksum.md5 @@ -46,7 +46,7 @@ e1c000db9be27f973569b1a430629037 lib/core/option.py 760d9df2a27ded29109b390ab202e72d lib/core/replication.py a2466b62e67f8b31736bac4dac590e51 lib/core/revision.py 02d4762140a72fd44668d3dab5eabda9 lib/core/session.py -e89b14c4721391f547a76476221beaa8 lib/core/settings.py +08ba426f7157982ff9aa4c8d40a5f2b5 lib/core/settings.py 35bffbad762eb9e03db9e93b1c991103 lib/core/shell.py a59ec28371ae067a6fdd8f810edbee3d lib/core/subprocessng.py d5a04d672a18f78deb2839c3745ff83c lib/core/target.py @@ -441,11 +441,13 @@ a4fca90afde376962f09ac10c965b6e7 waf/urlscan.py 2952dadc49a810bde918ae70ca9bb042 waf/uspses.py e0e9afe5330645bcf63103cf7df6ef56 waf/varnish.py c6b044f4f29680e0767b36c893b9346b waf/wallarm.py +fe451f569a88c198adda6d22b39c9a4b waf/watchguard.py dc78bd60735f4c2b2cfc05dc8b148a56 waf/webappsecure.py 755709c2c28da8dc612ce0d277d8ba02 waf/webknight.py 07ca74cd2e76310caacb709c5304999b waf/wordfence.py d347378166b781e39569eaaa036268d5 waf/yundun.py c32f8c216fab0a0672f734a48da8d6ff waf/yunsuo.py +fd87445df19ad9e58b5ffff464bd7413 waf/zenedge.py e87d59af23b7b18cd56c9883e5f02d5c xml/banner/generic.xml d8925c034263bf1b83e7d8e1c78eec57 xml/banner/mssql.xml b8b56f4aa34bf65365808919b97119a7 xml/banner/mysql.xml diff --git a/waf/watchguard.py b/waf/watchguard.py new file mode 100644 index 000000000..cf137139a --- /dev/null +++ b/waf/watchguard.py @@ -0,0 +1,24 @@ +#!/usr/bin/env python + +""" +Copyright (c) 2006-2017 sqlmap developers (http://sqlmap.org/) +See the file 'LICENSE' for copying permission +""" + +import re + +from lib.core.enums import HTTP_HEADER +from lib.core.settings import WAF_ATTACK_VECTORS + +__product__ = "WatchGuard (WatchGuard Technologies)" + +def detect(get_page): + retval = False + + for vector in WAF_ATTACK_VECTORS: + _, headers, code = get_page(get=vector) + retval = code >= 400 and re.search(r"\AWatchGuard", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None + if retval: + break + + return retval diff --git a/waf/zenedge.py b/waf/zenedge.py new file mode 100644 index 000000000..2f7da2623 --- /dev/null +++ b/waf/zenedge.py @@ -0,0 +1,24 @@ +#!/usr/bin/env python + +""" +Copyright (c) 2006-2017 sqlmap developers (http://sqlmap.org/) +See the file 'LICENSE' for copying permission +""" + +import re + +from lib.core.enums import HTTP_HEADER +from lib.core.settings import WAF_ATTACK_VECTORS + +__product__ = "Zenedge Web Application Firewall (Zenedge)" + +def detect(get_page): + retval = False + + for vector in WAF_ATTACK_VECTORS: + _, headers, code = get_page(get=vector) + retval = code >= 400 and re.search(r"\AZENEDGE", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None + if retval: + break + + return retval