Switching from WAF scripts to identYwaf (avoiding redundant work from my side)

2025-12-07 05:01:30 +00:00 · 2019-05-24 13:09:28 +02:00
parent ef7d4bb404
commit 0c79504ff1
98 changed files with 1534 additions and 2119 deletions
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -904,42 +904,6 @@ def _setPreprocessFunctions():
                    errMsg += "(Note: find template script at '%s')" % filename
                    raise SqlmapGenericException(errMsg)

-def _setWafFunctions():
-    """
-    Loads WAF/IPS detecting functions from script(s)
-    """
-
-    if conf.identifyWaf:
-        for found in glob.glob(os.path.join(paths.SQLMAP_WAF_PATH, "*.py")):
-            dirname, filename = os.path.split(found)
-            dirname = os.path.abspath(dirname)
-
-            if filename == "__init__.py":
-                continue
-
-            debugMsg = "loading WAF script '%s'" % filename[:-3]
-            logger.debug(debugMsg)
-
-            if dirname not in sys.path:
-                sys.path.insert(0, dirname)
-
-            try:
-                if filename[:-3] in sys.modules:
-                    del sys.modules[filename[:-3]]
-                module = __import__(safeFilepathEncode(filename[:-3]))
-            except ImportError as ex:
-                raise SqlmapSyntaxException("cannot import WAF script '%s' (%s)" % (getUnicode(filename[:-3]), getSafeExString(ex)))
-
-            _ = dict(inspect.getmembers(module))
-            if "detect" not in _:
-                errMsg = "missing function 'detect(get_page)' "
-                errMsg += "in WAF script '%s'" % found
-                raise SqlmapGenericException(errMsg)
-            else:
-                kb.wafFunctions.append((_["detect"], _.get("__product__", filename[:-3])))
-
-        kb.wafFunctions = sorted(kb.wafFunctions, key=lambda _: "generic" in _[1].lower())
-
 def _setThreads():
    if not isinstance(conf.threads, int) or conf.threads <= 0:
        conf.threads = 1
@@ -2394,10 +2358,6 @@ def _basicOptionValidation():
        errMsg = "option '-d' is incompatible with option '--dbms'"
        raise SqlmapSyntaxException(errMsg)

-    if conf.identifyWaf and conf.skipWaf:
-        errMsg = "switch '--identify-waf' is incompatible with switch '--skip-waf'"
-        raise SqlmapSyntaxException(errMsg)
-
    if conf.titles and conf.nullConnection:
        errMsg = "switch '--titles' is incompatible with switch '--null-connection'"
        raise SqlmapSyntaxException(errMsg)
@@ -2630,7 +2590,6 @@ def init():
    _listTamperingFunctions()
    _setTamperingFunctions()
    _setPreprocessFunctions()
-    _setWafFunctions()
    _setTrafficOutputFP()
    _setupHTTPCollector()
    _setHttpChunked()