From 81caf14b6dc727ef87b317d37c3ab7f07ac29bfe Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Mon, 21 Sep 2015 14:57:44 +0200
Subject: [PATCH] Adding switch --skip-waf
---
 lib/controller/checks.py | 8 ++++----
 lib/core/option.py | 4 ++++
 lib/core/optiondict.py | 1 +
 lib/parse/cmdline.py | 4 ++++
 sqlmap.conf | 4 ++++
 5 files changed, 17 insertions(+), 4 deletions(-)
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index ea3dc618d..eac95629e 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -1142,12 +1142,12 @@ def checkWaf():
 Reference: http://seclists.org/nmap-dev/2011/q2/att-1005/http-waf-detect.nse
 """
- if any((conf.string, conf.notString, conf.regexp, conf.dummy, conf.offline)):
+ if any((conf.string, conf.notString, conf.regexp, conf.dummy, conf.offline, conf.skipWaf)):
 return None
- dbmMsg = "heuristically checking if the target is protected by "
- dbmMsg += "some kind of WAF/IPS/IDS"
- logger.debug(dbmMsg)
+ infoMsg = "checking if the target is protected by "
+ infoMsg += "some kind of WAF/IPS/IDS"
+ logger.info(infoMsg)
 retVal = False
 payload = "%d %s" % (randomInt(), IDS_WAF_CHECK_PAYLOAD)
diff --git a/lib/core/option.py b/lib/core/option.py
index 060043aa8..6eb4433a5 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -2295,6 +2295,10 @@ def _basicOptionValidation():
 errMsg = "option '-d' is incompatible with option '-u' ('--url')"
 raise SqlmapSyntaxException(errMsg)
+ if conf.identifyWaf and conf.skipWaf:
+ errMsg = "switch '--identify-waf' is incompatible with switch '--skip-waf'"
+ raise SqlmapSyntaxException(errMsg)
+
 if conf.titles and conf.nullConnection:
 errMsg = "switch '--titles' is incompatible with switch '--null-connection'"
 raise SqlmapSyntaxException(errMsg)
diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
index 0445ccb09..3ff1ded01 100644
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
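Review bot: In `checkWaf` (lib/controller/checks.py), adding `conf.skipWaf` to the early-return tuple makes the function return `None` with no log line, so a run started with `--skip-waf` leaves no record that the WAF/IPS/IDS check was deliberately skipped. The same hunk promotes the check's own message to info level, which makes its absence easy to misread. I would test the switch on its own before the existing `any(...)` guard: `if conf.skipWaf:`, then `logger.debug("skipping WAF/IPS/IDS check (switch '--skip-waf')")`, then `return None`. That record helps when results are reviewed later, since requests dropped by a filtering device can look the same as a parameter that is not injectable. The function starts above the hunk and continues past it, so how callers treat `None` versus `False` is not visible here.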
@@ -231,6 +231,7 @@ optDict = {
 "cpuThrottle": "integer",
 "forceDns": "boolean",
 "identifyWaf": "boolean",
+ "skipWaf": "boolean",
 "ignore401": "boolean",
 "smokeTest": "boolean",
 "liveTest": "boolean",
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index bd06c1867..6d417fc21 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -713,6 +713,10 @@ def cmdLineParser(argv=None):
 action="store_true",
 help="Make a thorough testing for a WAF/IPS/IDS protection")
+ miscellaneous.add_option("--skip-waf", dest="skipWaf",
+ action="store_true",
+ help="Skip heuristic detection of WAF/IPS/IDS protection")
+
 miscellaneous.add_option("--mobile", dest="mobile",
 action="store_true",
 help="Imitate smartphone through HTTP User-Agent header")
diff --git a/sqlmap.conf b/sqlmap.conf
index d7db6c376..c18159375 100644
--- a/sqlmap.conf
+++ b/sqlmap.conf
@@ -750,6 +750,10 @@ googlePage = 1
 # Valid: True or False
 identifyWaf = False
+# Skip heuristic detection of WAF/IPS/IDS protection.
+# Valid: True or False
+skipWaf = False
+
 # Imitate smartphone through HTTP User-Agent header.
 # Valid: True or False
 mobile = False
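Review bot: The new `skipWaf` comment in sqlmap.conf does not say that the option cannot be combined with `identifyWaf`, which sits directly above it and which `_basicOptionValidation` now rejects together with it. Someone editing the file sees two independent booleans and only learns of the conflict from the `SqlmapSyntaxException` at start-up. I would add a line such as `# Note: incompatible with identifyWaf.` under the description. The `--skip-waf` help string in lib/parse/cmdline.py could carry the same hint.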