Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit e01a790

Browse files
stamparmstamparm
committed
Trivial renaming update
1 parent 4b54579 commit e01a790

5 files changed

Lines changed: 13 additions & 13 deletions

File tree

lib/controller/checks.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -86,7 +86,7 @@
8686
from lib.core.settings import FI_ERROR_REGEX
8787
from lib.core.settings import FORMAT_EXCEPTION_STRINGS
8888
from lib.core.settings import HEURISTIC_CHECK_ALPHABET
89-
from lib.core.settings import IDS_WAF_CHECK_PAYLOAD
89+
from lib.core.settings import IPS_WAF_CHECK_PAYLOAD
9090
from lib.core.settings import IDS_WAF_CHECK_RATIO
9191
from lib.core.settings import IDS_WAF_CHECK_TIMEOUT
9292
from lib.core.settings import MAX_DIFFLIB_SEQUENCE_LENGTH
@@ -1353,7 +1353,7 @@ def checkWaf():
13531353
logger.info(infoMsg)
13541354

13551355
retVal = False
1356-
payload = "%d %s" % (randomInt(), IDS_WAF_CHECK_PAYLOAD)
1356+
payload = "%d %s" % (randomInt(), IPS_WAF_CHECK_PAYLOAD)
13571357

13581358
if PLACE.URI in conf.parameters:
13591359
place = PLACE.POST

lib/core/settings.py

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from lib.core.enums import OS
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.3.1.74"
22+
VERSION = "1.3.1.75"
2323
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2424
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2525
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@@ -536,15 +536,15 @@
536536
CHECK_INTERNET_VALUE = "IP Address Details"
537537

538538
# Payload used for checking of existence of WAF/IPS (dummier the better)
539-
IDS_WAF_CHECK_PAYLOAD = "AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert(\"XSS\")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#"
539+
IPS_WAF_CHECK_PAYLOAD = "AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert(\"XSS\")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#"
540540

541541
# Vectors used for provoking specific WAF/IPS behavior(s)
542542
WAF_ATTACK_VECTORS = (
543543
"", # NIL
544544
"search=<script>alert(1)</script>",
545545
"file=../../../../etc/passwd",
546546
"q=<invalid>foobar",
547-
"id=1 %s" % IDS_WAF_CHECK_PAYLOAD
547+
"id=1 %s" % IPS_WAF_CHECK_PAYLOAD
548548
)
549549

550550
# Used for status representation in dictionary attack phase

lib/request/connect.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -103,7 +103,7 @@ class WebSocketException(Exception):
103103
from lib.core.settings import META_REFRESH_REGEX
104104
from lib.core.settings import MIN_TIME_RESPONSES
105105
from lib.core.settings import MAX_TIME_RESPONSES
106-
from lib.core.settings import IDS_WAF_CHECK_PAYLOAD
106+
from lib.core.settings import IPS_WAF_CHECK_PAYLOAD
107107
from lib.core.settings import IS_WIN
108108
from lib.core.settings import LARGE_CHUNK_TRIM_MARKER
109109
from lib.core.settings import PAYLOAD_DELIMITER
@@ -1284,7 +1284,7 @@ def _randomizeParameter(paramString, randomParameter):
12841284

12851285
if conf.secondUrl:
12861286
page, headers, code = Connect.getPage(url=conf.secondUrl, cookie=cookie, ua=ua, silent=silent, auxHeaders=auxHeaders, response=response, raise404=False, ignoreTimeout=timeBasedCompare, refreshing=True)
1287-
elif kb.secondReq and IDS_WAF_CHECK_PAYLOAD not in urllib.unquote(value or ""):
1287+
elif kb.secondReq and IPS_WAF_CHECK_PAYLOAD not in urllib.unquote(value or ""):
12881288
def _(value):
12891289
if kb.customInjectionMark in (value or ""):
12901290
if payload is None:

txt/checksum.md5

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ fb6be55d21a70765e35549af2484f762 extra/sqlharvest/__init__.py
2424
fb6be55d21a70765e35549af2484f762 extra/wafdetectify/__init__.py
2525
aec73042403993076f478da48066a79e extra/wafdetectify/wafdetectify.py
2626
ec782b9cdb8d857a80b6ecf0f32db7f4 lib/controller/action.py
27-
9f12e798cb9b194a61f8e278c689fb22 lib/controller/checks.py
27+
d392dbccdb59ac36530c1182675a2609 lib/controller/checks.py
2828
b37a93767459162b30798bd9732a12a3 lib/controller/controller.py
2929
c1da277517c7ec4c23e953a51b51e203 lib/controller/handler.py
3030
fb6be55d21a70765e35549af2484f762 lib/controller/__init__.py
@@ -50,7 +50,7 @@ fe370021c6bc99daf44b2bfc0d1effb3 lib/core/patch.py
5050
7d8a22c582ad201f65b73225e4456170 lib/core/replication.py
5151
3179d34f371e0295dd4604568fb30bcd lib/core/revision.py
5252
d6269c55789f78cf707e09a0f5b45443 lib/core/session.py
53-
f59bb60ed2e0a30ed73b1ff174e2d950 lib/core/settings.py
53+
4452b55a638f30718bddea46b64db046 lib/core/settings.py
5454
4483b4a5b601d8f1c4281071dff21ecc lib/core/shell.py
5555
10fd19b0716ed261e6d04f311f6f527c lib/core/subprocessng.py
5656
9c7b5c6397fb3da33e7a4d7876d159c6 lib/core/target.py
@@ -72,7 +72,7 @@ adcecd2d6a8667b22872a563eb83eac0 lib/parse/payloads.py
7272
e4ea70bcd461f5176867dcd89d372386 lib/request/basicauthhandler.py
7373
97b7577fdfe3d8537fe9ea3a070d0507 lib/request/basic.py
7474
fc25d951217077fe655ed2a3a81552ae lib/request/comparison.py
75-
27927a37edfa9c2dfb6e5de9e859d10f lib/request/connect.py
75+
28faffc0aeb0d8a3e78063f195488536 lib/request/connect.py
7676
7cba86090b02558f04c6692cef66e772 lib/request/direct.py
7777
2b7509ba38a667c61cefff036ec4ca6f lib/request/dns.py
7878
ceac6b3bf1f726f8ff43c6814e9d7281 lib/request/httpshandler.py
@@ -422,7 +422,7 @@ af079de99a8ec6988d28aa4c0aa32cf9 waf/cloudbric.py
422422
a8412619d7f26ed6bc9e0b20a57b2324 waf/edgecast.py
423423
5df01dde939c0d22bc163730873e9854 waf/expressionengine.py
424424
588d2f9a8f201e120e74e508564cb487 waf/fortiweb.py
425-
0e9eb20967d2dde941cca8c663a63e1f waf/generic.py
425+
447f6d63b6f691a852ca198afaaac4a6 waf/generic.py
426426
4ea580dd1b9679bd733866976ad5d81e waf/godaddy.py
427427
27385b15477031a3aff25df601a1ff51 waf/greywizard.py
428428
256a7ea2c1cd2745fe788cf8f6123f8a waf/imunify360.py

waf/generic.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@
99

1010
from lib.core.data import kb
1111
from lib.core.settings import GENERIC_PROTECTION_REGEX
12-
from lib.core.settings import IDS_WAF_CHECK_PAYLOAD
12+
from lib.core.settings import IPS_WAF_CHECK_PAYLOAD
1313
from lib.core.settings import WAF_ATTACK_VECTORS
1414

1515
__product__ = "Generic (Unknown)"
@@ -24,7 +24,7 @@ def detect(get_page):
2424
for vector in WAF_ATTACK_VECTORS:
2525
page, headers, code = get_page(get=vector)
2626

27-
if code >= 400 or (IDS_WAF_CHECK_PAYLOAD in vector and (code is None or re.search(GENERIC_PROTECTION_REGEX, page or "") and not re.search(GENERIC_PROTECTION_REGEX, original or ""))):
27+
if code >= 400 or (IPS_WAF_CHECK_PAYLOAD in vector and (code is None or re.search(GENERIC_PROTECTION_REGEX, page or "") and not re.search(GENERIC_PROTECTION_REGEX, original or ""))):
2828
if code is not None:
2929
kb.wafSpecificResponse = "HTTP/1.1 %s\n%s\n%s" % (code, "".join(_ for _ in (headers.headers if headers else {}) or [] if not _.startswith("URI")), page)
3030

0 commit comments

Comments
 (0)