From aa7af33fd54f4bcebf9eedecaa27e7a6f31086db Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Thu, 10 Jan 2019 13:40:51 +0100
Subject: [PATCH] Update of airlock WAF script

---
 lib/core/settings.py | 2 +-
 txt/checksum.md5     | 4 ++--
 waf/airlock.py       | 3 ++-
 3 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/lib/core/settings.py b/lib/core/settings.py
index a8b09b84a..d84839bf6 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.1.32"
+VERSION = "1.3.1.33"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
diff --git a/txt/checksum.md5 b/txt/checksum.md5
index 83f6073c6..7bf328305 100644
--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@@ -49,7 +49,7 @@ fe370021c6bc99daf44b2bfc0d1effb3  lib/core/patch.py
 9a7d68d5fa01561500423791f15cc676  lib/core/replication.py
 3179d34f371e0295dd4604568fb30bcd  lib/core/revision.py
 d6269c55789f78cf707e09a0f5b45443  lib/core/session.py
-00af73cfc49989f912a14303f0555eb2  lib/core/settings.py
+b1f45422ccaa4ffb67909daa015f85d6  lib/core/settings.py
 a8a7501d1e6b21669b858a62e921d191  lib/core/shell.py
 5dc606fdf0afefd4b305169c21ab2612  lib/core/subprocessng.py
 eec3080ba5baca44c6de4595f1c92a0d  lib/core/target.py
@@ -398,7 +398,7 @@ ca3ab78d6ed53b7f2c07ed2530d47efd  udf/postgresql/windows/32/8.4/lib_postgresqlud
 0d3fe0293573a4453463a0fa5a081de1  udf/postgresql/windows/32/9.0/lib_postgresqludf_sys.dll_
 129c2436cf3e0dd9ba0429b2f45a0113  waf/360.py
 2d63c46bed78aec2966a363d5db800fd  waf/aesecure.py
-2add09865acdb6edc40d326446ac6e40  waf/airlock.py
+b6bc83ae9ea69cf96e9389bde8250c7c  waf/airlock.py
 94eec6c5d02357596292d36a8533f08f  waf/anquanbao.py
 7ab1a7cd51a02899592f4f755d36a02e  waf/approach.py
 425f2599f57ab81b4fff67e6b442cccc  waf/armor.py
diff --git a/waf/airlock.py b/waf/airlock.py
index fe6b9db6e..4f2402636 100644
--- a/waf/airlock.py
+++ b/waf/airlock.py
@@ -16,8 +16,9 @@ def detect(get_page):
     retval = False
 
     for vector in WAF_ATTACK_VECTORS:
-        _, headers, _ = get_page(get=vector)
+        page, headers, _ = get_page(get=vector)
         retval = re.search(r"\AAL[_-]?(SESS|LB)", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None
+        retval |= all(_ in (page or "") for _ in ("The server detected a syntax error in your request", "Check your request and all parameters", "Bad Request", "Your request ID was"))
         if retval:
             break