mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-12-09 14:11:29 +00:00
New WAF scripts
This commit is contained in:
Miroslav Stampar
19
waf/cleantalk.py
Normal file
19
waf/cleantalk.py
Normal file
@@ -0,0 +1,19 @@
|
||||
#!/usr/bin/env python
|
||||
|
||||
"""
|
||||
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||
See the file 'LICENSE' for copying permission
|
||||
"""
|
||||
|
||||
from lib.core.settings import WAF_ATTACK_VECTORS
|
||||
|
||||
__product__ = "CleanTalk Web Application FireWall (CleanTalk)"
|
||||
|
||||
def detect(get_page):
|
||||
retval = False
|
||||
|
||||
for vector in WAF_ATTACK_VECTORS:
|
||||
page, _, _ = get_page(get=vector)
|
||||
retval = any(_ in (page or "") for _ in ("Blocked by Web Application Firewall", "Security by CleanTalk"))
|
||||
|
||||
return retval
|
||||
19
waf/godaddy.py
Normal file
19
waf/godaddy.py
Normal file
@@ -0,0 +1,19 @@
|
||||
#!/usr/bin/env python
|
||||
|
||||
"""
|
||||
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||
See the file 'LICENSE' for copying permission
|
||||
"""
|
||||
|
||||
from lib.core.settings import WAF_ATTACK_VECTORS
|
||||
|
||||
__product__ = "GoDaddy Website Firewall (GoDaddy Inc.)"
|
||||
|
||||
def detect(get_page):
|
||||
retval = False
|
||||
|
||||
for vector in WAF_ATTACK_VECTORS:
|
||||
page, _, _ = get_page(get=vector)
|
||||
retval = any(_ in (page or "") for _ in ("Access Denied - GoDaddy Website Firewall", "<title>GoDaddy Security - Access Denied</title>"))
|
||||
|
||||
return retval
|
||||
22
waf/malcare.py
Normal file
22
waf/malcare.py
Normal file
@@ -0,0 +1,22 @@
|
||||
#!/usr/bin/env python
|
||||
|
||||
"""
|
||||
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||
See the file 'LICENSE' for copying permission
|
||||
"""
|
||||
|
||||
import re
|
||||
|
||||
from lib.core.settings import WAF_ATTACK_VECTORS
|
||||
|
||||
__product__ = "MalCare (Inactiv.com Media Solutions Pvt Ltd.)"
|
||||
|
||||
def detect(get_page):
|
||||
retval = False
|
||||
|
||||
for vector in WAF_ATTACK_VECTORS:
|
||||
page, _, _ = get_page(get=vector)
|
||||
retval = "Blocked because of Malicious Activities" in (page or "")
|
||||
retval |= re.search(r"Firewall(<[^>]+>)*powered by(<[^>]+>)*MalCare", page or "") is not None
|
||||
|
||||
return retval
|
||||
20
waf/ninjafirewall.py
Normal file
20
waf/ninjafirewall.py
Normal file
@@ -0,0 +1,20 @@
|
||||
#!/usr/bin/env python
|
||||
|
||||
"""
|
||||
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||
See the file 'LICENSE' for copying permission
|
||||
"""
|
||||
|
||||
from lib.core.settings import WAF_ATTACK_VECTORS
|
||||
|
||||
__product__ = "NinjaFirewall (NinTechNet)"
|
||||
|
||||
def detect(get_page):
|
||||
retval = False
|
||||
|
||||
for vector in WAF_ATTACK_VECTORS:
|
||||
page, _, _ = get_page(get=vector)
|
||||
retval = "<title>NinjaFirewall: 403 Forbidden" in (page or "")
|
||||
retval |= all(_ in (page or "") for _ in ("For security reasons, it was blocked and logged", "NinjaFirewall"))
|
||||
|
||||
return retval
|
||||
19
waf/rsfirewall.py
Normal file
19
waf/rsfirewall.py
Normal file
@@ -0,0 +1,19 @@
|
||||
#!/usr/bin/env python
|
||||
|
||||
"""
|
||||
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||
See the file 'LICENSE' for copying permission
|
||||
"""
|
||||
|
||||
from lib.core.settings import WAF_ATTACK_VECTORS
|
||||
|
||||
__product__ = "RSFirewall (RSJoomla!)"
|
||||
|
||||
def detect(get_page):
|
||||
retval = False
|
||||
|
||||
for vector in WAF_ATTACK_VECTORS:
|
||||
page, _, _ = get_page(get=vector)
|
||||
retval = any(_ in (page or "") for _ in ("COM_RSFIREWALL_403_FORBIDDEN", "COM_RSFIREWALL_EVENT"))
|
||||
|
||||
return retval
|
||||
19
waf/shieldsecurity.py
Normal file
19
waf/shieldsecurity.py
Normal file
@@ -0,0 +1,19 @@
|
||||
#!/usr/bin/env python
|
||||
|
||||
"""
|
||||
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||
See the file 'LICENSE' for copying permission
|
||||
"""
|
||||
|
||||
from lib.core.settings import WAF_ATTACK_VECTORS
|
||||
|
||||
__product__ = "Shield Security (One Dollar Plugin)"
|
||||
|
||||
def detect(get_page):
|
||||
retval = False
|
||||
|
||||
for vector in WAF_ATTACK_VECTORS:
|
||||
page, _, _ = get_page(get=vector)
|
||||
retval = "Something in the URL, Form or Cookie data wasn't appropriate" in (page or "")
|
||||
|
||||
return retval
|
||||
19
waf/virusdie.py
Normal file
19
waf/virusdie.py
Normal file
@@ -0,0 +1,19 @@
|
||||
#!/usr/bin/env python
|
||||
|
||||
"""
|
||||
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||
See the file 'LICENSE' for copying permission
|
||||
"""
|
||||
|
||||
from lib.core.settings import WAF_ATTACK_VECTORS
|
||||
|
||||
__product__ = "Virusdie (Virusdie LLC)"
|
||||
|
||||
def detect(get_page):
|
||||
retval = False
|
||||
|
||||
for vector in WAF_ATTACK_VECTORS:
|
||||
page, _, _ = get_page(get=vector)
|
||||
retval = any(_ in (page or "") for _ in ("| Virusdie</title>", "http://cdn.virusdie.ru/splash/firewallstop.png", "© Virusdie.ru</p>"))
|
||||
|
||||
return retval
|
||||
@@ -16,8 +16,9 @@ def detect(get_page):
|
||||
retval = False
|
||||
|
||||
for vector in WAF_ATTACK_VECTORS:
|
||||
_, headers, code = get_page(get=vector)
|
||||
page, headers, code = get_page(get=vector)
|
||||
retval = code >= 400 and re.search(r"\AWatchGuard", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
|
||||
retval |= "Request denied by WatchGuard Firewall" in (page or "")
|
||||
if retval:
|
||||
break
|
||||
|
||||
|
||||
Reference in New Issue
Block a user