Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 660036c

Browse files
stamparmstamparm
committed
New WAF script
1 parent 0a3144e commit 660036c

6 files changed

Lines changed: 48 additions & 4 deletions

File tree

extra/wafdetectify/wafdetectify.py

100644100755
File mode changed.

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from lib.core.enums import OS
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.3.1.44"
22+
VERSION = "1.3.1.45"
2323
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2424
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2525
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

txt/checksum.md5

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -49,7 +49,7 @@ fe370021c6bc99daf44b2bfc0d1effb3 lib/core/patch.py
4949
9a7d68d5fa01561500423791f15cc676 lib/core/replication.py
5050
3179d34f371e0295dd4604568fb30bcd lib/core/revision.py
5151
d6269c55789f78cf707e09a0f5b45443 lib/core/session.py
52-
b5217540e886d7e5f9eb813288401923 lib/core/settings.py
52+
848552f020168105797ed2e9b7538666 lib/core/settings.py
5353
a8a7501d1e6b21669b858a62e921d191 lib/core/shell.py
5454
5dc606fdf0afefd4b305169c21ab2612 lib/core/subprocessng.py
5555
eec3080ba5baca44c6de4595f1c92a0d lib/core/target.py
@@ -431,10 +431,11 @@ ce9cf35919a92d65347bb74ca0c5c86f waf/jiasule.py
431431
f44ed04eeb4287c11ce277703ec7d72d waf/knownsec.py
432432
8c3977c543ca4ec6d4231f604217cf94 waf/kona.py
433433
d4f36e44f496f4d51baa3241eabc60fd waf/malcare.py
434-
4397c299d27a500851726444fb89759e waf/modsecurity.py
434+
509af267f45485f3cb1c839fa040ff07 waf/modsecurity.py
435435
78af8e791207db9723a14bddeb7524af waf/naxsi.py
436436
504ade4d32bdbbd2932eebb07f57c3eb waf/netcontinuum.py
437437
84e9c68b6ecffafb5ec8cd96acaf62b9 waf/newdefend.py
438+
9217767400caaf2c09379b694e0038e5 waf/nginx.py
438439
d03dfe93a14c966b88f5baf59ce2b091 waf/ninjafirewall.py
439440
69fc40e85751279e9018d643742db04e waf/nsfocus.py
440441
a59aff03a5b3fb40ea0feb3489677040 waf/onmessageshield.py
@@ -451,6 +452,7 @@ d2d9718de217dd07d9e66b2e6ad61380 waf/safe3.py
451452
ac0728ddb7a15b46b0eabd78cd661f8c waf/secureiis.py
452453
ba37e1c37fa0e3688873f74183a9cb9c waf/senginx.py
453454
2602a8baed4da643e606a379e4dc75db waf/shieldsecurity.py
455+
fc21ce1e6e597e44818c03d9cb859e83 waf/siteground.py
454456
332f27cfa02abca513719851850c782e waf/siteguard.py
455457
c842d298e61a87b32668c8402a0d87b5 waf/sitelock.py
456458
a840fcd2bb042694f9aab2859e7c9b30 waf/sonicwall.py

waf/modsecurity.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ def detect(get_page):
1818
for vector in WAF_ATTACK_VECTORS:
1919
page, headers, code = get_page(get=vector)
2020
retval = re.search(r"Mod_Security|NOYB", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
21-
retval |= any(_ in (page or "") for _ in ("This error was generated by Mod_Security", "One or more things in your request were suspicious", "rules of the mod_security module", "The page you are trying to access is restricted due to a security rule", "Protected by Mod Security"))
21+
retval |= any(_ in (page or "") for _ in ("This error was generated by Mod_Security", "One or more things in your request were suspicious", "rules of the mod_security module", "Protected by Mod Security"))
2222
if retval:
2323
break
2424

waf/nginx.py

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
#!/usr/bin/env python
2+
3+
"""
4+
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
5+
See the file 'LICENSE' for copying permission
6+
"""
7+
8+
from lib.core.settings import WAF_ATTACK_VECTORS
9+
10+
__product__ = "NGINX Web Application Firewall (NGINX Inc.)"
11+
12+
def detect(get_page):
13+
retval = False
14+
15+
for vector in WAF_ATTACK_VECTORS:
16+
page, _, _ = get_page(get=vector)
17+
retval = all(_ in (page or "") for _ in ("<center><h1>403 Forbidden</h1></center>", "<center>nginx</center>"))
18+
if retval:
19+
break
20+
21+
return retval

waf/siteground.py

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
#!/usr/bin/env python
2+
3+
"""
4+
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
5+
See the file 'LICENSE' for copying permission
6+
"""
7+
8+
from lib.core.settings import WAF_ATTACK_VECTORS
9+
10+
__product__ = "SiteGround Web Application Firewall (SiteGround)"
11+
12+
def detect(get_page):
13+
retval = False
14+
15+
for vector in WAF_ATTACK_VECTORS:
16+
page, _, _ = get_page(get=vector)
17+
retval = "The page you are trying to access is restricted due to a security rule" in (page or "")
18+
if retval:
19+
break
20+
21+
return retval

0 commit comments

Comments
 (0)