Adding switch --skip-waf

2025-01-23 15:54:24 +03:00 · 2015-09-21 14:57:44 +02:00 · 2015-09-21 14:57:44 +02:00 · 81caf14b6d
commit 81caf14b6d
parent e81e474646
5 changed files with 17 additions and 4 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -1142,12 +1142,12 @@ def checkWaf():
    Reference: http://seclists.org/nmap-dev/2011/q2/att-1005/http-waf-detect.nse
    """

-    if any((conf.string, conf.notString, conf.regexp, conf.dummy, conf.offline)):
+    if any((conf.string, conf.notString, conf.regexp, conf.dummy, conf.offline, conf.skipWaf)):
        return None

-    dbmMsg = "heuristically checking if the target is protected by "
-    dbmMsg += "some kind of WAF/IPS/IDS"
-    logger.debug(dbmMsg)
+    infoMsg = "checking if the target is protected by "
+    infoMsg += "some kind of WAF/IPS/IDS"
+    logger.info(infoMsg)

    retVal = False
    payload = "%d %s" % (randomInt(), IDS_WAF_CHECK_PAYLOAD)
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -2295,6 +2295,10 @@ def _basicOptionValidation():
        errMsg = "option '-d' is incompatible with option '-u' ('--url')"
        raise SqlmapSyntaxException(errMsg)

+    if conf.identifyWaf and conf.skipWaf:
+        errMsg = "switch '--identify-waf' is incompatible with switch '--skip-waf'"
+        raise SqlmapSyntaxException(errMsg)
+
    if conf.titles and conf.nullConnection:
        errMsg = "switch '--titles' is incompatible with switch '--null-connection'"
        raise SqlmapSyntaxException(errMsg)
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
@ -231,6 +231,7 @@ optDict = {
                               "cpuThrottle":       "integer",
                               "forceDns":          "boolean",
                               "identifyWaf":       "boolean",
+                               "skipWaf":           "boolean",
                               "ignore401":         "boolean",
                               "smokeTest":         "boolean",
                               "liveTest":          "boolean",
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@ -713,6 +713,10 @@ def cmdLineParser(argv=None):
                                  action="store_true",
                                  help="Make a thorough testing for a WAF/IPS/IDS protection")

+        miscellaneous.add_option("--skip-waf", dest="skipWaf",
+                                  action="store_true",
+                                  help="Skip heuristic detection of WAF/IPS/IDS protection")
+
        miscellaneous.add_option("--mobile", dest="mobile",
                                  action="store_true",
                                  help="Imitate smartphone through HTTP User-Agent header")
--- a/sqlmap.conf
+++ b/sqlmap.conf
@ -750,6 +750,10 @@ googlePage = 1
 # Valid: True or False
 identifyWaf = False

+# Skip heuristic detection of WAF/IPS/IDS protection.
+# Valid: True or False
+skipWaf = False
+
 # Imitate smartphone through HTTP User-Agent header.
 # Valid: True or False
 mobile = False