MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / checkWaf

Function checkWaf

lib/controller/checks.py:1337–1411  ·  view source on GitHub ↗

Reference: http://seclists.org/nmap-dev/2011/q2/att-1005/http-waf-detect.nse

()

Source from the content-addressed store, hash-verified

1335
1336@stackedmethod
1337def checkWaf():
1338 """
1339 Reference: http://seclists.org/nmap-dev/2011/q2/att-1005/http-waf-detect.nse
1340 """
1341
1342 if any((conf.string, conf.notString, conf.regexp, conf.dummy, conf.offline, conf.skipWaf)):
1343 return None
1344
1345 if kb.originalCode == _http_client.NOT_FOUND:
1346 return None
1347
1348 _ = hashDBRetrieve(HASHDB_KEYS.CHECK_WAF_RESULT, True)
1349 if _ is not None:
1350 if _:
1351 warnMsg = "previous heuristics detected that the target "
1352 warnMsg += "is protected by some kind of WAF/IPS"
1353 logger.critical(warnMsg)
1354 return _
1355
1356 if not kb.originalPage:
1357 return None
1358
1359 infoMsg = "checking if the target is protected by "
1360 infoMsg += "some kind of WAF/IPS"
1361 logger.info(infoMsg)
1362
1363 retVal = False
1364 payload = "%d %s" % (randomInt(), IPS_WAF_CHECK_PAYLOAD)
1365
1366 place = PLACE.GET
1367 if PLACE.URI in conf.parameters:
1368 value = "%s=%s" % (randomStr(), agent.addPayloadDelimiters(payload))
1369 else:
1370 value = "" if not conf.parameters.get(PLACE.GET) else conf.parameters[PLACE.GET] + DEFAULT_GET_POST_DELIMITER
1371 value += "%s=%s" % (randomStr(), agent.addPayloadDelimiters(payload))
1372
1373 pushValue(kb.choices.redirect)
1374 pushValue(kb.resendPostOnRedirect)
1375 pushValue(conf.timeout)
1376
1377 kb.choices.redirect = REDIRECTION.YES
1378 kb.resendPostOnRedirect = False
1379 conf.timeout = IPS_WAF_CHECK_TIMEOUT
1380
1381 try:
1382 retVal = (Request.queryPage(place=place, value=value, getRatioValue=True, noteResponseTime=False, silent=True, raise404=False, disableTampering=True)[1] or 0) < IPS_WAF_CHECK_RATIO
1383 except SqlmapConnectionException:
1384 retVal = True
1385 finally:
1386 kb.matchRatio = None
1387
1388 conf.timeout = popValue()
1389 kb.resendPostOnRedirect = popValue()
1390 kb.choices.redirect = popValue()
1391
1392 hashDBWrite(HASHDB_KEYS.CHECK_WAF_RESULT, retVal, True)
1393
1394 if retVal:

Callers 1

startFunction · 0.90

Calls 12

hashDBRetrieveFunction · 0.90
randomIntFunction · 0.90
randomStrFunction · 0.90
pushValueFunction · 0.90
popValueFunction · 0.90
hashDBWriteFunction · 0.90
readInputFunction · 0.90
singleTimeWarnMessageFunction · 0.90
infoMethod · 0.80
addPayloadDelimitersMethod · 0.80
queryPageMethod · 0.80
getMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…