sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-09 08:00:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

some fixes regarding --check-payload

Browse Source
This commit is contained in:
Miroslav Stampar 2010-10-29 11:00:23 +00:00
parent b3b2c3864a
commit f7d42af046
2 changed files with 4 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/utils/checkpayload.py
View File

@ -50,9 +50,6 @@ def checkPayload(payload):
if payload: if payload:
for rule, desc in rules: for rule, desc in rules:
try: regObj = getCompiledRegex(rule)
regObj = getCompiledRegex(rule) if regObj.search(payload):
if regObj.search(payload): logger.warn("highly probable IDS/IPS detection: '%s: %s'" % (desc, payload))
logger.warn("highly probable IDS/IPS detection: '%s: %s'" % (desc, payload))
except: # Some issues with some regex expressions in Python 2.5
pass

2
xml/phpids_rules.xml
View File

@ -56,7 +56,7 @@
</filter> </filter>
<filter> <filter>
<id>45</id> <id>45</id>
<rule><![CDATA[(?:union\s*(?:all|distinct|[(!@]*)?\s*[([]*\s*select)|(?:\w+\s+like\s+\")|(?:like\s*"\%)|(?:"\s*like\W*["\d])|(?:"\s*(?:n?and|x?or|not |\|\||\&\&)\s+[\s\w]+=\s*\w+\s*having)|(?:"\s*\*\s*\w+\W+")|(?:"\s*[^?\w\s=.,;)(]+\s*[(@"]*\s*\w+\W+\w)|(?:select\s*[\[\]()\s\w\.,-]+from)]]></rule> <rule><![CDATA[(?:union\s*(?:all|distinct|[(!@]+)?\s*[([]*\s*select)|(?:\w+\s+like\s+\")|(?:like\s*"\%)|(?:"\s*like\W*["\d])|(?:"\s*(?:n?and|x?or|not |\|\||\&\&)\s+[\s\w]+=\s*\w+\s*having)|(?:"\s*\*\s*\w+\W+")|(?:"\s*[^?\w\s=.,;)(]+\s*[(@"]*\s*\w+\W+\w)|(?:select\s*[\[\]()\s\w\.,-]+from)]]></rule>
<description>Detects basic SQL authentication bypass attempts 2/3</description> <description>Detects basic SQL authentication bypass attempts 2/3</description>
<tags> <tags>
<tag>sqli</tag> <tag>sqli</tag>