Implementation for an Issue #2137

2026-01-22 14:19:03 +00:00 · 2016-09-27 13:26:11 +02:00
parent ba0facb5eb
commit 381deb68ff
3 changed files with 12 additions and 10 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -1329,7 +1329,7 @@ def identifyWaf():
            kb.redirectChoice = popValue()
        return page or "", headers or {}, code

-    retVal = False
+    retVal = []

    for function, product in kb.wafFunctions:
        try:
@@ -1343,18 +1343,20 @@ def identifyWaf():
            found = False

        if found:
-            retVal = product
-            break
+            errMsg = "WAF/IDS/IPS identified as '%s'" % product
+            logger.critical(errMsg)
+
+            retVal.append(product)

    if retVal:
-        errMsg = "WAF/IDS/IPS identified as '%s'. Please " % retVal
-        errMsg += "consider usage of tamper scripts (option '--tamper')"
-        logger.critical(errMsg)
-
        message = "are you sure that you want to "
        message += "continue with further target testing? [y/N] "
        output = readInput(message, default="N")

+        if not conf.tamper:
+            warnMsg = "please consider usage of tamper scripts (option '--tamper')"
+            singleTimeWarnMessage(warnMsg)
+
        if output and output[0] not in ("Y", "y"):
            raise SqlmapUserQuitException
    else:
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@ from lib.core.enums import OS
 from lib.core.revision import getRevisionNumber

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.0.9.39"
+VERSION = "1.0.9.40"
 REVISION = getRevisionNumber()
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}