	Minor improvement of generic WAF script
		
							parent
							
								
									42ddfd8f50
								
							
						
					
					
						commit
						f2f7994ac6
					
				|  | @ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME | |||
| from lib.core.enums import OS | ||||
| 
 | ||||
| # sqlmap version (<major>.<minor>.<month>.<monthly commit>) | ||||
| VERSION = "1.1.12.21" | ||||
| VERSION = "1.1.12.22" | ||||
| TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" | ||||
| TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} | ||||
| VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) | ||||
|  | @ -84,6 +84,9 @@ TEXT_CONTENT_TYPE_REGEX = r"(?i)(text|form|message|xml|javascript|ecmascript|jso | |||
| # Regular expression used for recognition of generic permission messages | ||||
| PERMISSION_DENIED_REGEX = r"(command|permission|access)\s*(was|is)?\s*denied" | ||||
| 
 | ||||
| # Regular expression used in recognition of generic protection mechanisms | ||||
| GENERIC_PROTECTION_REGEX = r"(?i)\b(rejected|blocked|protection|incident|denied|detected|dangerous|firewall)\b" | ||||
| 
 | ||||
| # Regular expression used for recognition of generic maximum connection messages | ||||
| MAX_CONNECTIONS_REGEX = r"\bmax.+?\bconnection" | ||||
| 
 | ||||
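Review bot: The comment above `GENERIC_PROTECTION_REGEX` in the second hunk of this section does not say that the pattern is only meaningful as a differential check. Words such as `protection`, `detected` or `denied` occur in ordinary page text, so a caller that matches a single response on its own would report a protection mechanism on sites that have none. I would extend the comment with a line such as `# Note: only meaningful when the baseline (non-attack) response does not match as well`, so later callers keep the baseline comparison.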
|  |  | |||
|  | @ -46,7 +46,7 @@ f872699e948d0692ce11b54781da814c  lib/core/log.py | |||
| 760d9df2a27ded29109b390ab202e72d  lib/core/replication.py | ||||
| a2466b62e67f8b31736bac4dac590e51  lib/core/revision.py | ||||
| 02d4762140a72fd44668d3dab5eabda9  lib/core/session.py | ||||
| 8876dee2d5d1f9efbb520c78849b9a3a  lib/core/settings.py | ||||
| ea5aa15bc9cc2d2dc1b68c6e8121b650  lib/core/settings.py | ||||
| 35bffbad762eb9e03db9e93b1c991103  lib/core/shell.py | ||||
| a59ec28371ae067a6fdd8f810edbee3d  lib/core/subprocessng.py | ||||
| d93501771b41315f9fb949305b6ed257  lib/core/target.py | ||||
|  | @ -407,7 +407,7 @@ d3aa7e5b222811f90c75aa8a0db509a3  waf/dosarrest.py | |||
| f4883f1443676f5291b1ef3e2cf0cbfd  waf/edgecast.py | ||||
| cd558b27d5bc4e42fcd5571d8c9c3a10  waf/expressionengine.py | ||||
| 6ccb307f53f878eacf9d08d0e97738e2  waf/fortiweb.py | ||||
| daf5235e066e18c0d9ba9f9b5bc9e47b  waf/generic.py | ||||
| 37c81331b70c755610a5c70ead8fc7b6  waf/generic.py | ||||
| 200d859893c4e84fbae9c32d5099ab65  waf/hyperguard.py | ||||
| ced90975810f7f68103d38523567ab3f  waf/incapsula.py | ||||
| 5fb9aaf874daa47ea2b672a22740e56b  waf/__init__.py | ||||
|  |  | |||
|  | @ -5,7 +5,10 @@ Copyright (c) 2006-2017 sqlmap developers (http://sqlmap.org/) | |||
| See the file 'LICENSE' for copying permission | ||||
| """ | ||||
| 
 | ||||
| from lib.core.option import kb | ||||
| import re | ||||
| 
 | ||||
| from lib.core.data import kb | ||||
| from lib.core.settings import GENERIC_PROTECTION_REGEX | ||||
| from lib.core.settings import IDS_WAF_CHECK_PAYLOAD | ||||
| from lib.core.settings import WAF_ATTACK_VECTORS | ||||
| 
 | ||||
|  | @ -14,14 +17,14 @@ __product__ = "Generic (Unknown)" | |||
| def detect(get_page): | ||||
|     retval = False | ||||
| 
 | ||||
|     page, headers, code = get_page() | ||||
|     if page is None or code >= 400: | ||||
|     original, _, code = get_page() | ||||
|     if original is None or code >= 400: | ||||
|         return False | ||||
| 
 | ||||
|     for vector in WAF_ATTACK_VECTORS: | ||||
|         page, _, code = get_page(get=vector) | ||||
|         page, headers, code = get_page(get=vector) | ||||
| 
 | ||||
|         if code >= 400 or IDS_WAF_CHECK_PAYLOAD in vector and code is None: | ||||
|         if code >= 400 or (IDS_WAF_CHECK_PAYLOAD in vector and (code is None or re.search(GENERIC_PROTECTION_REGEX, page or "") and not re.search(GENERIC_PROTECTION_REGEX, original or ""))): | ||||
|             if code is not None: | ||||
|                 kb.wafSpecificResponse = "HTTP/1.1 %s\n%s\n%s" % (code, "".join(_ for _ in headers.headers or [] if not _.startswith("URI")), page) | ||||
| 
 | ||||
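Review bot: The new condition on the `if code >= 400 or (...)` line mixes `or` and `and` without grouping the two regex tests, so it reads correctly only if one remembers that `and` binds tighter. Pulling the pair into a named value, e.g. `blocked = re.search(GENERIC_PROTECTION_REGEX, page or "") and not re.search(GENERIC_PROTECTION_REGEX, original or "")`, and then testing `code is None or blocked`, would make the intent explicit. The keyword match is also compared against a single baseline fetch, so a page whose text varies between requests or echoes the query string could presumably be reported as a generic WAF. A short comment stating that limitation would help anyone triaging a false positive. The body of `detect` continues past the end of this section.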
|  |  | |||