Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit af89137

Browse files
stamparmstamparm
committed
Update of WAF scripts
1 parent 1f9bf58 commit af89137

7 files changed

Lines changed: 60 additions & 6 deletions

File tree

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from lib.core.enums import OS
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.2.7.28"
22+
VERSION = "1.2.8.0"
2323
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2424
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2525
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

txt/checksum.md5

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,7 @@ c8c386d644d57c659d74542f5f57f632 lib/core/patch.py
4848
0c3eef46bdbf87e29a3f95f90240d192 lib/core/replication.py
4949
a7db43859b61569b601b97f187dd31c5 lib/core/revision.py
5050
fcb74fcc9577523524659ec49e2e964b lib/core/session.py
51-
b0c61c78049b4e342aeafd2fc85430fe lib/core/settings.py
51+
355a1680a1f53013390849ca50322c0e lib/core/settings.py
5252
dd68a9d02fccb4fa1428b20e15b0db5d lib/core/shell.py
5353
a7edc9250d13af36ac0108f259859c19 lib/core/subprocessng.py
5454
12bed9603b6fba3e5ffda11d584bc449 lib/core/target.py
@@ -402,19 +402,20 @@ ef722d062564def381b1f96f5faadee3 waf/baidu.py
402402
41e399dbfe7b904d5aacfb37d85e1fbf waf/blockdos.py
403403
2f3bbf43be94d4e9ffe9f80e8483d62f waf/ciscoacexml.py
404404
ba84f296cb52f5e78a0670b98d7763fa waf/cloudbric.py
405-
21b8203fdaaaac3cb7c84fa4dc0627f6 waf/cloudflare.py
405+
feda0f2a5172325f39e8e3e38c45f73d waf/cloudflare.py
406406
b16b1c15532103346d5e2f5b8bd1ed36 waf/cloudfront.py
407407
ac96f34c254951d301973617064eb1b5 waf/comodo.py
408408
56d58c982c2cf775e0f8dc6767f336fd waf/datapower.py
409409
1538b661e35843074f4599be93b3fae9 waf/denyall.py
410+
0182d23b34cf903537f77f4ec4b144bf waf/distil.py
410411
aade02eb8f6a4a214a53db0fd0f2aae6 waf/dosarrest.py
411412
357cbc0a17a44e4f64062b799c718e0b waf/dotdefender.py
412413
7ec3f2a90914b501100685aa66aadf02 waf/edgecast.py
413414
954bebd4a246d8b88794de00ccaecd3b waf/expressionengine.py
414415
a2ce6cde682f78e1fd561dc40611877e waf/fortiweb.py
415416
eb56ac34775cc3c5f721ec967d04b283 waf/generic.py
416417
1c70655551b8296ceeb19292a342e620 waf/hyperguard.py
417-
525483047474e6f15d9898b525bdafd3 waf/incapsula.py
418+
2a52c09e4ce1f2a5976ce53b415ef496 waf/incapsula.py
418419
1e5532ede194ac9c083891c2f02bca93 waf/__init__.py
419420
30ae98958fb35061d9a4145cc74c0489 waf/isaserver.py
420421
5a5c9452b9779bf39c208ebe26c98fdb waf/jiasule.py
@@ -430,6 +431,7 @@ ad7fe23004f8e0d02534c7baa877add3 waf/paloalto.py
430431
856e34d47fedfe96039a6a7807f9605a waf/profense.py
431432
166eb53544536e3e86223d513b8b688d waf/proventia.py
432433
78a40eca7ddd14c4eaf911de7748b487 waf/radware.py
434+
67864bf5e5a38cb27b5daf3581282f9e waf/reblaze.py
433435
f5d53758d2008195609557112ce8e895 waf/requestvalidationmode.py
434436
acb82b21f4032ceb510a58142add02ab waf/safe3.py
435437
67cdf508e7b1f69ddf622a87e0e5e4e8 waf/safedog.py
@@ -439,7 +441,7 @@ d1b67820442199181815ec3fce27e582 waf/secureiis.py
439441
b088cf83c1a681d143e7eaea43f52b80 waf/sonicwall.py
440442
4c412bc70007e6108d109e2911f2cefe waf/sophos.py
441443
0e244e097a648158948dc8bb2351c781 waf/stingray.py
442-
d5a5cef222f0e27f47bec3c4228e255e waf/sucuri.py
444+
9da254a2dfe22539c90bc1db0643489e waf/sucuri.py
443445
46224e3fa4b819da227c50fd45155823 waf/tencent.py
444446
dffa9cebad777308714aaf83b71635b4 waf/teros.py
445447
b37210459a13de40bf07722c4d032c33 waf/trafficshield.py

waf/cloudflare.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ def detect(get_page):
1717

1818
for vector in WAF_ATTACK_VECTORS:
1919
page, headers, code = get_page(get=vector)
20-
retval = re.search(r"cloudflare-nginx", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
20+
retval = re.search(r"cloudflare", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
2121

2222
if code >= 400:
2323
retval |= re.search(r"\A__cfduid=", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None

waf/distil.py

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
#!/usr/bin/env python
2+
3+
"""
4+
Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
5+
See the file 'LICENSE' for copying permission
6+
"""
7+
8+
import re
9+
10+
from lib.core.enums import HTTP_HEADER
11+
from lib.core.settings import WAF_ATTACK_VECTORS
12+
13+
__product__ = "Distil Web Application Firewall Security (Distil Networks)"
14+
15+
def detect(get_page):
16+
retval = False
17+
18+
for vector in WAF_ATTACK_VECTORS:
19+
_, headers, _ = get_page(get=vector)
20+
retval = headers.get("x-distil-cs") is not None
21+
if retval:
22+
break
23+
24+
return retval

waf/incapsula.py

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@ def detect(get_page):
2020
retval = re.search(r"incap_ses|visid_incap", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None
2121
retval |= re.search(r"Incapsula", headers.get("X-CDN", ""), re.I) is not None
2222
retval |= "Incapsula incident ID" in (page or "")
23+
retval |= headers.get("X-Iinfo") is not None
2324
if retval:
2425
break
2526

waf/reblaze.py

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,25 @@
1+
#!/usr/bin/env python
2+
3+
"""
4+
Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
5+
See the file 'LICENSE' for copying permission
6+
"""
7+
8+
import re
9+
10+
from lib.core.enums import HTTP_HEADER
11+
from lib.core.settings import WAF_ATTACK_VECTORS
12+
13+
__product__ = "Reblaze Web Application Firewall (Reblaze)"
14+
15+
def detect(get_page):
16+
retval = False
17+
18+
for vector in WAF_ATTACK_VECTORS:
19+
_, headers, _ = get_page(get=vector)
20+
retval = re.search(r"\Arbzid=", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None
21+
retval |= re.search(r"Reblaze Secure Web Gateway", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
22+
if retval:
23+
break
24+
25+
return retval

waf/sucuri.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,8 @@ def detect(get_page):
2121
retval |= "Access Denied - Sucuri Website Firewall" in (page or "")
2222
retval |= "Sucuri WebSite Firewall - CloudProxy - Access Denied" in (page or "")
2323
retval |= re.search(r"Questions\?.+cloudproxy@sucuri\.net", (page or "")) is not None
24+
retval |= headers.get("X-Sucuri-ID") is not None
25+
retval |= headers.get("X-Sucuri-Cache") is not None
2426
if retval:
2527
break
2628

0 commit comments

Comments
 (0)