Add custom headers (except for user agent) for generic detection (Ena…

…bleSecurity#128) * Add custom headers (except for user agent) for generic detection This is needed for HTTP Basic Authentication for example, which will get detected as a generic WAF otherwise. * Using default headers instead of hardcoded ones for generic testing Co-authored-by: Pinaki <[email protected]>
Edgio · Apr 11, 2021 · 4aeeaf9 · 4aeeaf9
1 parent e3e6147
commit 4aeeaf9
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/wafw00f/main.py b/wafw00f/main.py
@@ -89,7 +89,7 @@ def genericdetect(self):
             resp1 = self.performCheck(self.normalRequest)
             if 'User-Agent' in self.headers:
                 del self.headers['User-Agent']  # Deleting the user-agent key from object not dict.
-            resp3 = self.customRequest(headers=def_headers)
+            resp3 = self.customRequest(headers=self.headers)
             if resp1.status_code != resp3.status_code:
                 self.log.info('Server returned a different response when request didn\'t contain the User-Agent header.')
                 reason = reasons[4]