sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-02 20:54:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adding a choice to automatically turn on --identify-waf if protection has been detected

Browse Source
This commit is contained in:
Miroslav Stampar 2015-01-20 09:38:18 +01:00
parent a66b0c91bb
commit a603002acd
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
lib/controller/checks.py
View File

@ -1119,9 +1119,17 @@ def checkWaf():
conf.parameters = dict(backup) conf.parameters = dict(backup)
if retVal: if retVal:
warnMsg = "it appears that the target is protected. Please " warnMsg = "it appears that the target "
warnMsg += "consider usage of tamper scripts (option '--tamper')" warnMsg += "is protected"
logger.critical(warnMsg) logger.critical(warnMsg)
if not conf.identifyWaf:
message = "do you want sqlmap to try to detect backend "
message += "WAF/IPS/IDS? [y/N] "
output = readInput(message, default="N")
if output and output[0] in ("Y", "y"):
conf.identifyWaf = True
else: else:
infoMsg = "it appears that the target is not protected" infoMsg = "it appears that the target is not protected"
logger.info(infoMsg) logger.info(infoMsg)
@ -1184,8 +1192,8 @@ def identifyWaf():
if output and output[0] not in ("Y", "y"): if output and output[0] not in ("Y", "y"):
raise SqlmapUserQuitException raise SqlmapUserQuitException
else: else:
infoMsg = "no WAF/IDS/IPS product has been identified" warnMsg = "no WAF/IDS/IPS product has been identified"
logger.info(infoMsg) logger.warn(warnMsg)
kb.testType = None kb.testType = None
kb.testMode = False kb.testMode = False