From aea3749015a958e65036e73d31e035ce13f1e3dc Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Fri, 11 Jan 2019 12:35:35 +0100 Subject: [PATCH] Dealing with FP for expressionengine.py --- lib/core/settings.py | 2 +- txt/checksum.md5 | 4 ++-- waf/expressionengine.py | 3 +-- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index a206eb7d0..32ce8db7c 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME from lib.core.enums import OS # sqlmap version (...) -VERSION = "1.3.1.40" +VERSION = "1.3.1.41" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/txt/checksum.md5 b/txt/checksum.md5 index b0e4b7574..72dff6815 100644 --- a/txt/checksum.md5 +++ b/txt/checksum.md5 @@ -49,7 +49,7 @@ fe370021c6bc99daf44b2bfc0d1effb3 lib/core/patch.py 9a7d68d5fa01561500423791f15cc676 lib/core/replication.py 3179d34f371e0295dd4604568fb30bcd lib/core/revision.py d6269c55789f78cf707e09a0f5b45443 lib/core/session.py -af9f5e98db9e56caf828065cbadecc6f lib/core/settings.py +df03aea681ed80e9850697b60db1b0eb lib/core/settings.py a8a7501d1e6b21669b858a62e921d191 lib/core/shell.py 5dc606fdf0afefd4b305169c21ab2612 lib/core/subprocessng.py eec3080ba5baca44c6de4595f1c92a0d lib/core/target.py @@ -419,7 +419,7 @@ af079de99a8ec6988d28aa4c0aa32cf9 waf/cloudbric.py 4254527ec80588f5289f56c7b52c4b30 waf/distil.py 886c6502a6a2aae49921efed8d439f7b waf/dotdefender.py a8412619d7f26ed6bc9e0b20a57b2324 waf/edgecast.py -b65877b412a4c648aa442116ef94e2af waf/expressionengine.py +5df01dde939c0d22bc163730873e9854 waf/expressionengine.py 588d2f9a8f201e120e74e508564cb487 waf/fortiweb.py 0e9eb20967d2dde941cca8c663a63e1f waf/generic.py 4ea580dd1b9679bd733866976ad5d81e waf/godaddy.py diff --git a/waf/expressionengine.py b/waf/expressionengine.py index 85befdc84..d2cbf57d1 100644 --- a/waf/expressionengine.py +++ b/waf/expressionengine.py @@ -17,8 +17,7 @@ def detect(get_page): for vector in WAF_ATTACK_VECTORS: page, headers, _ = get_page(get=vector) - retval = any((page or "").strip() == _ for _ in ("Invalid GET Data", "Invalid URI")) - retval |= re.search(r"\Aexp_last_", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None + retval = any((page or "").strip() == _ for _ in ("Invalid GET Data", "Invalid URI")) and re.search(r"\bexp_last_", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None if retval: break