1919
2020sys .dont_write_bytecode = True
2121
22- NAME , VERSION , AUTHOR = "WAF Detectify" , "0.1" , "Miroslav Stampar (@stamparm )"
22+ NAME , VERSION , AUTHOR = "WAF Detectify" , "0.1" , "sqlmap developers (@sqlmap )"
2323TIMEOUT = 10
2424HEADERS = {"User-Agent" : "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0" , "Accept" : "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8" , "Accept-Language" : "en-US,en;q=0.5" , "Accept-Encoding" : "gzip, deflate" , "Cache-Control" : "max-age=0" }
2525SQLMAP_DIR = os .path .abspath (os .path .join (os .path .dirname (__file__ ), ".." , ".." ))
2626SCRIPTS_DIR = os .path .join (SQLMAP_DIR , "waf" )
27+ LEVEL_COLORS = {"o" : "\033 [00;94m" , "x" : "\033 [00;91m" , "!" : "\033 [00;93m" , "i" : "\033 [00;92m" }
2728CACHE = {}
2829WAF_FUNCTIONS = []
2930
@@ -41,7 +42,9 @@ def get_page(get=None, url=None, host=None, data=None):
4142
4243 try :
4344 req = urllib2 .Request ("" .join (url [_ ].replace (' ' , "%20" ) if _ > url .find ('?' ) else url [_ ] for _ in xrange (len (url ))), data , HEADERS )
44- page = urllib2 .urlopen (req , timeout = TIMEOUT ).read ()
45+ conn = urllib2 .urlopen (req , timeout = TIMEOUT )
46+ page = conn .read ()
47+ headers = conn .info ()
4548 except Exception , ex :
4649 code = getattr (ex , "code" , None )
4750 page = ex .read () if hasattr (ex , "read" ) else getattr (ex , "msg" , "" )
@@ -50,13 +53,21 @@ def get_page(get=None, url=None, host=None, data=None):
5053
5154 return result
5255
56+ def colorize (message ):
57+ if not subprocess .mswindows :
58+ message = re .sub (r"\[(.)\]" , lambda match : "[%s%s\033 [00;49m]" % (LEVEL_COLORS [match .group (1 )], match .group (1 )), message )
59+ message = message .replace ("@sqlmap" , "\033 [00;96m@sqlmap\033 [00;49m" )
60+ message = message .replace (NAME , "\033 [00;93m%s\033 [00;49m" % NAME )
61+
62+ return message
63+
5364def main ():
5465 global WAF_FUNCTIONS
5566
56- print "%s #v%s\n by: %s\n " % (NAME , VERSION , AUTHOR )
67+ print colorize ( "%s #v%s\n by: %s\n " % (NAME , VERSION , AUTHOR ) )
5768
5869 if len (sys .argv ) < 2 :
59- exit ("[x] usage: python %s <hostname>" % os .path .split (__file__ )[- 1 ])
70+ exit (colorize ( "[x] usage: python %s <hostname>" % os .path .split (__file__ )[- 1 ]) )
6071
6172 cookie_jar = cookielib .CookieJar ()
6273 opener = urllib2 .build_opener (urllib2 .HTTPCookieProcessor (cookie_jar ))
@@ -79,29 +90,29 @@ def main():
7990 del sys .modules [filename [:- 3 ]]
8091 module = __import__ (filename [:- 3 ].encode (sys .getfilesystemencoding () or "utf8" ))
8192 except ImportError , msg :
82- exit ("[x] cannot import WAF script '%s' (%s)" % (filename [:- 3 ], msg ))
93+ exit (colorize ( "[x] cannot import WAF script '%s' (%s)" % (filename [:- 3 ], msg ) ))
8394
8495 _ = dict (inspect .getmembers (module ))
8596 if "detect" not in _ :
86- exit ("[x] missing function 'detect(get_page)' in WAF script '%s'" % found )
97+ exit (colorize ( "[x] missing function 'detect(get_page)' in WAF script '%s'" % found ) )
8798 else :
8899 WAF_FUNCTIONS .append ((_ ["detect" ], _ .get ("__product__" , filename [:- 3 ])))
89100
90101 WAF_FUNCTIONS = sorted (WAF_FUNCTIONS , key = lambda _ : "generic" in _ [1 ].lower ())
91102
92- print "[i] %d (sqlmap's) WAF scripts loaded" % len (WAF_FUNCTIONS )
103+ print colorize ( "[i] %d WAF scripts loaded" % len (WAF_FUNCTIONS ) )
93104
94105 found = False
95106 for function , product in WAF_FUNCTIONS :
96107 if found and "unknown" in product .lower ():
97108 continue
98109
99110 if function (get_page ):
100- print "[!] WAF/IPS/IDS identified as '%s'" % product
111+ print colorize ( "[!] WAF/IPS/IDS identified as '%s'" % product )
101112 found = True
102113
103114 if not found :
104- print "[o] nothing found"
115+ print colorize ( "[o] nothing found" )
105116
106117if __name__ == "__main__" :
107118 main ()
0 commit comments