Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 210b65c

Browse files
stamparmstamparm
committed
Couple of fixes for --identify-waf
1 parent 7a2ac23 commit 210b65c

5 files changed

Lines changed: 15 additions & 14 deletions

File tree

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from lib.core.revision import getRevisionNumber
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.0.5.74"
22+
VERSION = "1.0.5.75"
2323
REVISION = getRevisionNumber()
2424
STABLE = VERSION.count('.') <= 2
2525
VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev")

waf/dotdefender.py

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -13,9 +13,10 @@ def detect(get_page):
1313
retval = False
1414

1515
for vector in WAF_ATTACK_VECTORS:
16-
_, headers, _ = get_page(get=vector)
17-
retVal = headers.get("X-dotDefender-denied", "") == "1"
18-
if retVal:
16+
page, headers, _ = get_page(get=vector)
17+
retval = headers.get("X-dotDefender-denied", "") == "1"
18+
retval |= "dotDefender Blocked Your Request" in (page or "")
19+
if retval:
1920
break
2021

2122
return retval

waf/edgecast.py

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -13,12 +13,12 @@
1313
__product__ = "EdgeCast WAF (Verizon)"
1414

1515
def detect(get_page):
16-
retVal = False
16+
retval = False
1717

1818
for vector in WAF_ATTACK_VECTORS:
1919
_, headers, code = get_page(get=vector)
20-
retVal = code == 400 and re.search(r"\AECDF", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
21-
if retVal:
20+
retval = code == 400 and re.search(r"\AECDF", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
21+
if retval:
2222
break
2323

24-
return retVal
24+
return retval

waf/sucuri.py

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -13,12 +13,12 @@
1313
__product__ = "Sucuri WebSite Firewall"
1414

1515
def detect(get_page):
16-
retVal = False
16+
retval = False
1717

1818
for vector in WAF_ATTACK_VECTORS:
1919
_, headers, code = get_page(get=vector)
20-
retVal = code == 403 and re.search(r"Sucuri/Cloudproxy", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
21-
if retVal:
20+
retval = code == 403 and re.search(r"Sucuri/Cloudproxy", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
21+
if retval:
2222
break
2323

24-
return retVal
24+
return retval

waf/webknight.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,9 +17,9 @@ def detect(get_page):
1717

1818
for vector in WAF_ATTACK_VECTORS:
1919
_, headers, code = get_page(get=vector)
20-
retVal = code == 999
20+
retval = code == 999
2121
retval |= re.search(r"WebKnight", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
22-
if retVal:
22+
if retval:
2323
break
2424

2525
return retval

0 commit comments

Comments
 (0)