PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 13:11:29 +00:00
Code Issues Projects Releases Wiki Activity

Update related to the #2806

Browse Source
This commit is contained in:
Miroslav Stampar
2017-11-27 22:24:44 +01:00
parent f60727a891
commit 5899fd5ef2
3 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
waf/bigip.py
View File

@@ -16,13 +16,14 @@ def detect(get_page):
retval = False
for vector in WAF_ATTACK_VECTORS:
_, headers, _ = get_page(get=vector)
_, headers, code = get_page(get=vector)
retval = headers.get("X-Cnection", "").lower() == "close"
retval |= headers.get("X-WA-Info") is not None
retval |= re.search(r"\ATS\w{4,}=", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None
retval |= re.search(r"BigIP|BIGipServer", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None
retval |= re.search(r"BigIP|BIGipServer", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
retval |= re.search(r"\AF5\Z", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
retval &= code >= 400
if retval:
break