diff --git a/doc/CHANGELOG.md b/doc/CHANGELOG.md
index 1e3284055..88bbcf56e 100644
--- a/doc/CHANGELOG.md
+++ b/doc/CHANGELOG.md
@@ -3,7 +3,7 @@
 * Implemented support for automatic decoding of page content through detected charset.
 * Implemented mechanism for proper data dumping on DBMSes not supporting `LIMIT/OFFSET` like mechanism(s) (e.g. Microsoft SQL Server, Sybase, etc.).
 * Major improvements to program stabilization based on user reports.
-* Added new tampering scripts avoiding popular WAF/IPS/IDS mechanisms.
+* Added new tampering scripts avoiding popular WAF/IPS mechanisms.
 * Fixed major bug with DNS leaking in Tor mode.
 * Added wordlist compilation made of the most popular cracking dictionaries.
 * Implemented multi-processor hash cracking routine(s).
@@ -23,7 +23,7 @@
 * Added option `--csv-del` for manually setting delimiting character used in CSV output.
 * Added switch `--hex` for using DBMS hex conversion function(s) for data retrieval.
 * Added switch `--smart` for conducting through tests only in case of positive heuristic(s).
-* Added switch `--check-waf` for checking of existence of WAF/IPS/IDS protection.
+* Added switch `--check-waf` for checking of existence of WAF/IPS protection.
 * Added switch `--schema` to enumerate DBMS schema: shows all columns of all databases' tables.
 * Added switch `--count` to count the number of entries for a specific table or all database(s) tables.
 * Major improvements to switches `--tables` and `--columns`.
@@ -55,7 +55,7 @@
 * Added option `--host` to set the HTTP Host header value.
 * Added switch `--hostname` to turn on retrieval of DBMS server hostname.
 * Added switch `--hpp` to turn on the usage of HTTP parameter pollution WAF bypass method.
-* Added switch `--identify-waf` for turning on the thorough testing of WAF/IPS/IDS protection.
+* Added switch `--identify-waf` for turning on the thorough testing of WAF/IPS protection.
 * Added switch `--ignore-401` to ignore HTTP Error Code 401 (Unauthorized).
 * Added switch `--invalid-bignum` for usage of big numbers while invalidating values.
 * Added switch `--invalid-logical` for usage of logical operations while invalidating values.
@@ -78,7 +78,7 @@
 * Added option `--skip` to skip testing of given parameter(s).
 * Added switch `--skip-static` to skip testing parameters that not appear to be dynamic.
 * Added switch `--skip-urlencode` to skip URL encoding of payload data.
-* Added switch `--skip-waf` to skip heuristic detection of WAF/IPS/IDS protection.
+* Added switch `--skip-waf` to skip heuristic detection of WAF/IPS protection.
 * Added switch `--smart` to conduct thorough tests only if positive heuristic(s).
 * Added option `--sql-file` for setting file(s) holding SQL statements to be executed (in case of stacked SQLi).
 * Added switch `--sqlmap-shell` to turn on interactive sqlmap shell prompt.
diff --git a/extra/wafdetectify/wafdetectify.py b/extra/wafdetectify/wafdetectify.py
index f75c9f0a8..68cdcb93b 100644
--- a/extra/wafdetectify/wafdetectify.py
+++ b/extra/wafdetectify/wafdetectify.py
@@ -107,7 +107,7 @@ def main(): continue if function(get_page): - print colorize("[!] WAF/IPS/IDS identified as '%s'" % product) + print colorize("[!] WAF/IPS identified as '%s'" % product) found = True if not found:
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index cff287cda..56351fd8c 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -896,7 +896,7 @@ def checkFalsePositives(injection): kb.injection = injection - for i in xrange(conf.level): + for level in xrange(conf.level): while True: randInt1, randInt2, randInt3 = (_() for j in xrange(3))
@@ -1338,7 +1338,7 @@ def checkWaf(): if _ is not None: if _: warnMsg = "previous heuristics detected that the target " - warnMsg += "is protected by some kind of WAF/IPS/IDS" + warnMsg += "is protected by some kind of WAF/IPS" logger.critical(warnMsg) return _
@@ -1346,7 +1346,7 @@ def checkWaf(): return None infoMsg = "checking if the target is protected by " - infoMsg += "some kind of WAF/IPS/IDS" + infoMsg += "some kind of WAF/IPS" logger.info(infoMsg) retVal = False
@@ -1378,12 +1378,12 @@ def checkWaf(): if retVal: warnMsg = "heuristics detected that the target " - warnMsg += "is protected by some kind of WAF/IPS/IDS" + warnMsg += "is protected by some kind of WAF/IPS" logger.critical(warnMsg) if not conf.identifyWaf: message = "do you want sqlmap to try to detect backend " - message += "WAF/IPS/IDS? [y/N] " + message += "WAF/IPS? [y/N] " if readInput(message, default='N', boolean=True): conf.identifyWaf = True
@@ -1407,7 +1407,7 @@ def identifyWaf(): kb.testMode = True infoMsg = "using WAF scripts to detect " - infoMsg += "backend WAF/IPS/IDS protection" + infoMsg += "backend WAF/IPS protection" logger.info(infoMsg) @cachedmethod
@@ -1434,7 +1434,7 @@ def identifyWaf(): continue try: - logger.debug("checking for WAF/IPS/IDS product '%s'" % product) + logger.debug("checking for WAF/IPS product '%s'" % product) found = function(_) except Exception, ex: errMsg = "exception occurred while running "
@@ -1444,7 +1444,7 @@ def identifyWaf(): found = False if found: - errMsg = "WAF/IPS/IDS identified as '%s'" % product + errMsg = "WAF/IPS identified as '%s'" % product logger.critical(errMsg) retVal.append(product)
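Review bot: The loop variable in the `@@ -896` hunk is renamed from `i` to `level`, but it counts from 0 to `conf.level - 1`, so the new name suggests it holds the configured level when it is only an iteration index. The visible lines never read it, and the rest of the loop in checkFalsePositives() lies outside the hunk, so whether it is used further down cannot be confirmed here. If it is not, `for attempt in xrange(conf.level):` with a comment such as `# repeat the check conf.level times` would say what the loop is for. `_` cannot serve as the throwaway name because `_()` is called inside the loop.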
@@ -1456,7 +1456,7 @@ def identifyWaf(): with openFile(filename, "w+b") as f: f.write(kb.wafSpecificResponse) - message = "WAF/IPS/IDS specific response can be found in '%s'. " % filename + message = "WAF/IPS specific response can be found in '%s'. " % filename message += "If you know the details on used protection please " message += "report it along with specific response " message += "to '%s'" % DEV_EMAIL_ADDRESS
@@ -1473,7 +1473,7 @@ def identifyWaf(): if not choice: raise SqlmapUserQuitException else: - warnMsg = "WAF/IPS/IDS product hasn't been identified" + warnMsg = "WAF/IPS product hasn't been identified" logger.warn(warnMsg) kb.testType = None
diff --git a/lib/core/option.py b/lib/core/option.py
index 3241edf9e..5bd750987 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -824,7 +824,7 @@ def _setTamperingFunctions(): def _setWafFunctions(): """ - Loads WAF/IPS/IDS detecting functions from script(s) + Loads WAF/IPS detecting functions from script(s) """ if conf.identifyWaf:
diff --git a/lib/core/settings.py b/lib/core/settings.py
index c6d1307d5..6a133d608 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME from lib.core.enums import OS # sqlmap version (...) -VERSION = "1.2.9.21" +VERSION = "1.2.9.22" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
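Review bot: The prompt built in the `@@ -1456` hunk asks the user to send the saved response to `DEV_EMAIL_ADDRESS` without saying that the file is a raw copy of what the target returned. `kb.wafSpecificResponse` is written to `filename` unchanged just above, so it can be expected to carry whatever the tested site put in that response, possibly session cookies, tokens or internal host names (how the response is captured is not visible here). I would add a reminder before the `DEV_EMAIL_ADDRESS` line, for example `message += "(please remove any sensitive data first) "`, and a comment at the `f.write` call stating that the dump is unsanitised. identifyWaf() starts before and continues after this hunk.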
@@ -45,10 +45,10 @@ BANNER = """\033[01;33m\ DIFF_TOLERANCE = 0.05 CONSTANT_RATIO = 0.9 -# Ratio used in heuristic check for WAF/IPS/IDS protected targets +# Ratio used in heuristic check for WAF/IPS protected targets IDS_WAF_CHECK_RATIO = 0.5 -# Timeout used in heuristic check for WAF/IPS/IDS protected targets +# Timeout used in heuristic check for WAF/IPS protected targets IDS_WAF_CHECK_TIMEOUT = 10 # Lower and upper values for match ratio in case of stable page
@@ -531,7 +531,7 @@ CHECK_INTERNET_ADDRESS = "https://ipinfo.io/" # Value to look for in response to CHECK_INTERNET_ADDRESS CHECK_INTERNET_VALUE = "IP Address Details" -# Vectors used for provoking specific WAF/IPS/IDS behavior(s) +# Vectors used for provoking specific WAF/IPS behavior(s) WAF_ATTACK_VECTORS = ( "", # NIL "search=",
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index 24dfa7d6b..4570b9996 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -635,7 +635,7 @@ def cmdLineParser(argv=None): help="Use Google dork results from specified page number") miscellaneous.add_option("--identify-waf", dest="identifyWaf", action="store_true", - help="Make a thorough testing for a WAF/IPS/IDS protection") + help="Make a thorough testing for a WAF/IPS protection") miscellaneous.add_option("--list-tampers", dest="listTampers", action="store_true", help="Display list of available tamper scripts")
@@ -650,7 +650,7 @@ def cmdLineParser(argv=None): help="Safely remove all content from sqlmap data directory") miscellaneous.add_option("--skip-waf", dest="skipWaf", action="store_true", - help="Skip heuristic detection of WAF/IPS/IDS protection") + help="Skip heuristic detection of WAF/IPS protection") miscellaneous.add_option("--smart", dest="smart", action="store_true", help="Conduct thorough tests only if positive heuristic(s)")
diff --git a/lib/request/connect.py b/lib/request/connect.py
index 711a76eff..d114663b7 100644
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
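Review bot: The two comments in the `@@ -45` hunk now say WAF/IPS, but the constants they describe are still named `IDS_WAF_CHECK_RATIO` and `IDS_WAF_CHECK_TIMEOUT`, so comment and identifier disagree about what is being checked. Renaming them would touch code that reads them, which this diff does not show, so the smaller fix is to say so in the comment, e.g. `# Ratio used in heuristic check for WAF/IPS protected targets (IDS_ prefix kept for compatibility)`. The comments also give no unit or meaning for the values; stating the timeout unit and what the 0.5 ratio is compared against would help, once confirmed against the code that uses them.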
@@ -649,7 +649,7 @@ class Connect(object): warnMsg = "connection was forcibly closed by the target URL" elif "timed out" in tbMsg: if kb.testMode and kb.testType not in (None, PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED): - singleTimeWarnMessage("there is a possibility that the target (or WAF/IPS/IDS) is dropping 'suspicious' requests") + singleTimeWarnMessage("there is a possibility that the target (or WAF/IPS) is dropping 'suspicious' requests") kb.droppingRequests = True warnMsg = "connection timed out to the target URL" elif "Connection reset" in tbMsg:
@@ -658,7 +658,7 @@ class Connect(object): conf.disablePrecon = True if kb.testMode: - singleTimeWarnMessage("there is a possibility that the target (or WAF/IPS/IDS) is resetting 'suspicious' requests") + singleTimeWarnMessage("there is a possibility that the target (or WAF/IPS) is resetting 'suspicious' requests") kb.droppingRequests = True warnMsg = "connection reset to the target URL" elif "URLError" in tbMsg or "error" in tbMsg:
@@ -1235,7 +1235,7 @@ class Connect(object): warnMsg = "site returned insanely large response" if kb.testMode: warnMsg += " in testing phase. This is a common " - warnMsg += "behavior in custom WAF/IPS/IDS solutions" + warnMsg += "behavior in custom WAF/IPS solutions" singleTimeWarnMessage(warnMsg) if conf.secondUrl:
diff --git a/txt/checksum.md5 b/txt/checksum.md5
index 83c7b7ff1..7cdd4e99d 100644
--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@@ -22,9 +22,9 @@ e4805169a081b834ca51a60a150c7247 extra/shutils/newlines.py 1e5532ede194ac9c083891c2f02bca93 extra/sqlharvest/__init__.py b3e60ea4e18a65c48515d04aab28ff68 extra/sqlharvest/sqlharvest.py 1e5532ede194ac9c083891c2f02bca93 extra/wafdetectify/__init__.py -1c7e6968f71214f8a0355420f3914f27 extra/wafdetectify/wafdetectify.py +c1bccc94522d3425a372dcd57f78418e extra/wafdetectify/wafdetectify.py 3459c562a6abb9b4bdcc36925f751f3e lib/controller/action.py -2058987606ad75435c69d28cab11ef9e lib/controller/checks.py +0d4c9c5936d0c063f4b08318f26ad5ca lib/controller/checks.py c414cecdb0472c92cf50ed5b01e4438c lib/controller/controller.py c7443613a0a2505b1faec931cee2a6ef lib/controller/handler.py 1e5532ede194ac9c083891c2f02bca93 lib/controller/__init__.py @@ -43,14 +43,14 @@ cada93357a7321655927fc9625b3bfec lib/core/exception.py 1e5532ede194ac9c083891c2f02bca93 lib/core/__init__.py 458a194764805cd8312c14ecd4be4d1e lib/core/log.py 7d6edc552e08c30f4f4d49fa93b746f1 lib/core/optiondict.py -62fb1b8e7a82c726eb9631daac4c82e9 lib/core/option.py +c59c0bfccf3e906564d82adf1fcd17de lib/core/option.py c8c386d644d57c659d74542f5f57f632 lib/core/patch.py 6783160150b4711d02c56ee2beadffdb lib/core/profiling.py 6f654e1715571eff68a0f8af3d62dcf8 lib/core/readlineng.py 0c3eef46bdbf87e29a3f95f90240d192 lib/core/replication.py a7db43859b61569b601b97f187dd31c5 lib/core/revision.py fcb74fcc9577523524659ec49e2e964b lib/core/session.py -3698f90905c46eb938cf0b0f5235132f lib/core/settings.py +1778dd902fbe5392377fd9b723898bbb lib/core/settings.py dd68a9d02fccb4fa1428b20e15b0db5d lib/core/shell.py a7edc9250d13af36ac0108f259859c19 lib/core/subprocessng.py 248bd121e0565318e1efaff54aa427bc lib/core/target.py 
@@ -61,7 +61,7 @@ b35636650cfe721f5cc47fb91737c061 lib/core/update.py e772deb63270375e685fa5a7b775c382 lib/core/wordlist.py 1e5532ede194ac9c083891c2f02bca93 lib/__init__.py 7620f1f4b8791e13c7184c06b5421754 lib/parse/banner.py -7b2a20d7f149cc2522275e5df23bdc54 lib/parse/cmdline.py +fc5a42940327dd3f40a780c865b6b136 lib/parse/cmdline.py fb2e2f05dde98caeac6ccf3e67192177 lib/parse/configfile.py 3794ff139869f5ae8e81cfdbe5714f56 lib/parse/handler.py 6bab53ea9d75bc9bb8169d3e8f3f149f lib/parse/headers.py @@ -72,7 +72,7 @@ f2af274126ce0a789027d35d367f2b9e lib/parse/payloads.py 30eed3a92a04ed2c29770e1b10d39dc0 lib/request/basicauthhandler.py 2b81435f5a7519298c15c724e3194a0d lib/request/basic.py 859b6ad583e0ffba154f17ee179b5b89 lib/request/comparison.py -84f9cb02454fa21a619ccd2b3fd294d4 lib/request/connect.py +b744d840de253c05e808a72d6d11dc5d lib/request/connect.py dd4598675027fae99f2e2475b05986da lib/request/direct.py 2044fce3f4ffa268fcfaaf63241b1e64 lib/request/dns.py 98535d0efca5551e712fcc4b34a3f772 lib/request/httpshandler.py