New WAF script

This commit is contained in:
Miroslav Stampar 2019-01-07 15:52:22 +01:00
parent ba617c49a4
commit 97cf5b9ace
3 changed files with 25 additions and 2 deletions

View File

@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
from lib.core.enums import OS
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.3.1.17"
VERSION = "1.3.1.18"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

View File

@ -49,7 +49,7 @@ fe370021c6bc99daf44b2bfc0d1effb3 lib/core/patch.py
9a7d68d5fa01561500423791f15cc676 lib/core/replication.py
3179d34f371e0295dd4604568fb30bcd lib/core/revision.py
d6269c55789f78cf707e09a0f5b45443 lib/core/session.py
b7fcdd7fd2733a559b004546438eaf72 lib/core/settings.py
b23dad136d358b0b109459f85b713ed9 lib/core/settings.py
a8a7501d1e6b21669b858a62e921d191 lib/core/shell.py
5dc606fdf0afefd4b305169c21ab2612 lib/core/subprocessng.py
eec3080ba5baca44c6de4595f1c92a0d lib/core/target.py
@ -455,6 +455,7 @@ ba37e1c37fa0e3688873f74183a9cb9c waf/senginx.py
4d79866c7cff0d7650a22d0a85126c05 waf/sitelock.py
a840fcd2bb042694f9aab2859e7c9b30 waf/sonicwall.py
45683bfe7a428f47745416c727a789bd waf/sophos.py
197bae9ee9b7e8d4f77e814a33cfd665 waf/stackpath.py
a0aa5997d0d5db18920840220dc4ad36 waf/stingray.py
74bd52941b606d15f1a6cdc7b52f761c waf/sucuri.py
205beb7ed5e70119f8700a9e295b6a4a waf/tencent.py

22
waf/stackpath.py Normal file
View File

@ -0,0 +1,22 @@
#!/usr/bin/env python
"""
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
from lib.core.enums import HTTP_HEADER
from lib.core.settings import WAF_ATTACK_VECTORS
__product__ = "StackPath Web Application Firewall (StackPath LLC)"
def detect(get_page):
retval = False
for vector in WAF_ATTACK_VECTORS:
page, _, _ = get_page(get=vector)
retval = all(_ in (page or "") for _ in ("This website is using a security service to protect itself from online attacks", "You performed an action that triggered the service and blocked your request"))
if retval:
break
return retval