mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-12-09 22:21:30 +00:00
Couple of patches for #3479
This commit is contained in:
Miroslav Stampar
@@ -10,15 +10,15 @@ import re
|
||||
from lib.core.enums import HTTP_HEADER
|
||||
from lib.core.settings import WAF_ATTACK_VECTORS
|
||||
|
||||
__product__ = "IBM Security Access Manager for Web WebSEAL."
|
||||
__product__ = "WebSEAL (IBM)"
|
||||
|
||||
def detect(get_page):
|
||||
retval = False
|
||||
|
||||
for vector in WAF_ATTACK_VECTORS:
|
||||
_, headers, _ = get_page(get=vector)
|
||||
retval = re.search(r"WebSEAL/9.0.5.0", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
|
||||
retval |= "The Access Manager WebSEAL server received an invalid HTTP request." in (page or "") is not None
|
||||
page, headers, _ = get_page(get=vector)
|
||||
retval = re.search(r"WebSEAL", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
|
||||
retval |= any(_ in (page or "") for _ in ("This is a WebSEAL error message template file", "The Access Manager WebSEAL server received an invalid HTTP request"))
|
||||
if retval:
|
||||
break
|
||||
|
||||
Reference in New Issue
Block a user