sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-18 04:20:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update of airlock WAF script

Browse Source
This commit is contained in:
Miroslav Stampar 2019-01-10 13:40:51 +01:00
parent 241c6b02f0
commit aa7af33fd5
3 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/settings.py
View File

@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
from lib.core.enums import OS from lib.core.enums import OS
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.3.1.32" VERSION = "1.3.1.33"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

4
txt/checksum.md5
View File

@ -49,7 +49,7 @@ fe370021c6bc99daf44b2bfc0d1effb3 lib/core/patch.py
9a7d68d5fa01561500423791f15cc676 lib/core/replication.py 9a7d68d5fa01561500423791f15cc676 lib/core/replication.py
3179d34f371e0295dd4604568fb30bcd lib/core/revision.py 3179d34f371e0295dd4604568fb30bcd lib/core/revision.py
d6269c55789f78cf707e09a0f5b45443 lib/core/session.py d6269c55789f78cf707e09a0f5b45443 lib/core/session.py
00af73cfc49989f912a14303f0555eb2 lib/core/settings.py b1f45422ccaa4ffb67909daa015f85d6 lib/core/settings.py
a8a7501d1e6b21669b858a62e921d191 lib/core/shell.py a8a7501d1e6b21669b858a62e921d191 lib/core/shell.py
5dc606fdf0afefd4b305169c21ab2612 lib/core/subprocessng.py 5dc606fdf0afefd4b305169c21ab2612 lib/core/subprocessng.py
eec3080ba5baca44c6de4595f1c92a0d lib/core/target.py eec3080ba5baca44c6de4595f1c92a0d lib/core/target.py
@ -398,7 +398,7 @@ ca3ab78d6ed53b7f2c07ed2530d47efd udf/postgresql/windows/32/8.4/lib_postgresqlud
0d3fe0293573a4453463a0fa5a081de1 udf/postgresql/windows/32/9.0/lib_postgresqludf_sys.dll_ 0d3fe0293573a4453463a0fa5a081de1 udf/postgresql/windows/32/9.0/lib_postgresqludf_sys.dll_
129c2436cf3e0dd9ba0429b2f45a0113 waf/360.py 129c2436cf3e0dd9ba0429b2f45a0113 waf/360.py
2d63c46bed78aec2966a363d5db800fd waf/aesecure.py 2d63c46bed78aec2966a363d5db800fd waf/aesecure.py
2add09865acdb6edc40d326446ac6e40 waf/airlock.py b6bc83ae9ea69cf96e9389bde8250c7c waf/airlock.py
94eec6c5d02357596292d36a8533f08f waf/anquanbao.py 94eec6c5d02357596292d36a8533f08f waf/anquanbao.py
7ab1a7cd51a02899592f4f755d36a02e waf/approach.py 7ab1a7cd51a02899592f4f755d36a02e waf/approach.py
425f2599f57ab81b4fff67e6b442cccc waf/armor.py 425f2599f57ab81b4fff67e6b442cccc waf/armor.py

3
waf/airlock.py
View File

@ -16,8 +16,9 @@ def detect(get_page):
retval = False retval = False
for vector in WAF_ATTACK_VECTORS: for vector in WAF_ATTACK_VECTORS:
_, headers, _ = get_page(get=vector) page, headers, _ = get_page(get=vector)
retval = re.search(r"\AAL[_-]?(SESS|LB)", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None retval = re.search(r"\AAL[_-]?(SESS|LB)", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None
retval |= all(_ in (page or "") for _ in ("The server detected a syntax error in your request", "Check your request and all parameters", "Bad Request", "Your request ID was"))
if retval: if retval:
break break