Improve plugins' performance (EnableSecurity#170)

* Optimize plugins with "any()" check * Optimize plugins with "all()" check * Optimize plugins with multiple schemas
Edgio · Jan 6, 2023 · 66bfb1e · 66bfb1e
1 parent d60c9e1
commit 66bfb1e
Show file tree

Hide file tree

Showing 157 changed files with 1,673 additions and 1,211 deletions.
diff --git a/wafw00f/plugins/aesecure.py b/wafw00f/plugins/aesecure.py
@@ -8,10 +8,10 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchHeader(('aeSecure-code', '.+?')),
-        self.matchContent(r'aesecure_denied\.png')
-    ]
-    if any(i for i in schemes):
+    if self.matchHeader(('aeSecure-code', '.+?')):
         return True
-    return False
+
+    if self.matchContent(r'aesecure_denied\.png'):
+        return True
+
+    return False
diff --git a/wafw00f/plugins/airee.py b/wafw00f/plugins/airee.py
@@ -8,11 +8,13 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchHeader(('Server', 'Airee')),
-        self.matchHeader(('X-Cache', r'(\w+\.)?airee\.cloud')),
-        self.matchContent(r'airee\.cloud')
-    ]
-    if any(i for i in schemes):
+    if self.matchHeader(('Server', 'Airee')):
         return True
-    return False
+
+    if self.matchHeader(('X-Cache', r'(\w+\.)?airee\.cloud')):
+        return True
+
+    if self.matchContent(r'airee\.cloud'):
+        return True
+
+    return False
diff --git a/wafw00f/plugins/airlock.py b/wafw00f/plugins/airlock.py
@@ -8,11 +8,11 @@
 
 
 def is_waf(self):
-    schemes = [
-        # This method of detection is old (though most reliable), so we check it first
-        self.matchCookie(r'^al[_-]?(sess|lb)='),
-        self.matchContent(r'server detected a syntax error in your request')
-        ]
-    if any(i for i in schemes):
+    # This method of detection is old (though most reliable), so we check it first
+    if self.matchCookie(r'^al[_-]?(sess|lb)='):
         return True
-    return False
+
+    if self.matchContent(r'server detected a syntax error in your request'):
+        return True
+
+    return False
diff --git a/wafw00f/plugins/alertlogic.py b/wafw00f/plugins/alertlogic.py
@@ -8,13 +8,19 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchContent(r'<(title|h\d{1})>requested url cannot be found'),
-        self.matchContent(r'we are sorry.{0,10}?but the page you are looking for cannot be found'),
-        self.matchContent(r'back to previous page'),
-        self.matchContent(r'proceed to homepage'),
-        self.matchContent(r'reference id'),
-        ]
-    if all(i for i in schemes):
-        return True
-    return False
+    if not self.matchContent(r'<(title|h\d{1})>requested url cannot be found'):
+        return False
+
+    if not self.matchContent(r'we are sorry.{0,10}?but the page you are looking for cannot be found'):
+        return False
+
+    if not self.matchContent(r'back to previous page'):
+        return False
+
+    if not self.matchContent(r'proceed to homepage'):
+        return False
+
+    if not self.matchContent(r'reference id'):
+        return False
+
+    return True
diff --git a/wafw00f/plugins/aliyundun.py b/wafw00f/plugins/aliyundun.py
@@ -8,12 +8,16 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchContent(r'error(s)?\.aliyun(dun)?\.(com|net)?'),
-        self.matchCookie(r'^aliyungf_tc='),
-        self.matchContent(r'cdn\.aliyun(cs)?\.com'),
-        self.matchStatus(405)
-        ]
-    if all(i for i in schemes):
-        return True
-    return False
+    if not self.matchContent(r'error(s)?\.aliyun(dun)?\.(com|net)?'):
+        return False
+
+    if not self.matchCookie(r'^aliyungf_tc='):
+        return False
+
+    if not self.matchContent(r'cdn\.aliyun(cs)?\.com'):
+        return False
+
+    if not self.matchStatus(405):
+        return False
+
+    return True
diff --git a/wafw00f/plugins/anquanbao.py b/wafw00f/plugins/anquanbao.py
@@ -8,10 +8,10 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchHeader(('X-Powered-By-Anquanbao', '.+?')),
-        self.matchContent(r'aqb_cc/error/')
-        ]
-    if any(i for i in schemes):
+    if self.matchHeader(('X-Powered-By-Anquanbao', '.+?')):
         return True
-    return False
+
+    if self.matchContent(r'aqb_cc/error/'):
+        return True
+
+    return False
diff --git a/wafw00f/plugins/anyu.py b/wafw00f/plugins/anyu.py
@@ -8,10 +8,10 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchContent(r'anyu.{0,10}?the green channel'),
-        self.matchContent(r'your access has been intercepted by anyu')
-        ]
-    if any(i for i in schemes):
+    if self.matchContent(r'anyu.{0,10}?the green channel'):
         return True
-    return False
+
+    if self.matchContent(r'your access has been intercepted by anyu'):
+        return True
+
+    return False
diff --git a/wafw00f/plugins/approach.py b/wafw00f/plugins/approach.py
@@ -8,11 +8,11 @@
 
 
 def is_waf(self):
-    schemes = [
-        # This method of detection is old (though most reliable), so we check it first
-        self.matchContent(r'approach.{0,10}?web application (firewall|filtering)'),
-        self.matchContent(r'approach.{0,10}?infrastructure team')
-        ]
-    if any(i for i in schemes):
+    # This method of detection is old (though most reliable), so we check it first
+    if self.matchContent(r'approach.{0,10}?web application (firewall|filtering)'):
         return True
-    return False
+
+    if self.matchContent(r'approach.{0,10}?infrastructure team'):
+        return True
+
+    return False
diff --git a/wafw00f/plugins/armor.py b/wafw00f/plugins/armor.py
@@ -8,10 +8,10 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchContent(r'blocked by website protection from armor'),
-        self.matchContent(r'please create an armor support ticket')
-    ]
-    if any(i for i in schemes):
+    if self.matchContent(r'blocked by website protection from armor'):
         return True
-    return False
+
+    if self.matchContent(r'please create an armor support ticket'):
+        return True
+
+    return False
diff --git a/wafw00f/plugins/arvancloud.py b/wafw00f/plugins/arvancloud.py
@@ -8,9 +8,7 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchHeader(('Server', 'ArvanCloud'))
-    ]
-    if any(i for i in schemes):
+    if self.matchHeader(('Server', 'ArvanCloud')):
         return True
-    return False
+
+    return False
diff --git a/wafw00f/plugins/aspa.py b/wafw00f/plugins/aspa.py
@@ -8,10 +8,10 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchHeader(('Server', r'ASPA[\-_]?WAF')),
-        self.matchHeader(('ASPA-Cache-Status', r'.+?'))
-    ]
-    if any(i for i in schemes):
+    if self.matchHeader(('Server', r'ASPA[\-_]?WAF')):
         return True
-    return False
+
+    if self.matchHeader(('ASPA-Cache-Status', r'.+?')):
+        return True
+
+    return False
diff --git a/wafw00f/plugins/aspnetgen.py b/wafw00f/plugins/aspnetgen.py
@@ -8,12 +8,16 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchContent(r'iis (\d+.)+?detailed error'),
-        self.matchContent(r'potentially dangerous request querystring'),
-        self.matchContent(r'application error from being viewed remotely (for security reasons)?'),
-        self.matchContent(r'An application error occurred on the server'),
-    ]
-    if any(i for i in schemes):
+    if self.matchContent(r'iis (\d+.)+?detailed error'):
         return True
-    return False
+
+    if self.matchContent(r'potentially dangerous request querystring'):
+        return True
+
+    if self.matchContent(r'application error from being viewed remotely (for security reasons)?'):
+        return True
+
+    if self.matchContent(r'An application error occurred on the server'):
+        return True
+
+    return False
diff --git a/wafw00f/plugins/astra.py b/wafw00f/plugins/astra.py
@@ -8,11 +8,13 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchCookie(r'^cz_astra_csrf_cookie'),
-        self.matchContent(r'astrawebsecurity\.freshdesk\.com'),
-        self.matchContent(r'www\.getastra\.com/assets/images')
-    ]
-    if any(i for i in schemes):
+    if self.matchCookie(r'^cz_astra_csrf_cookie'):
         return True
-    return False
+
+    if self.matchContent(r'astrawebsecurity\.freshdesk\.com'):
+        return True
+
+    if self.matchContent(r'www\.getastra\.com/assets/images'):
+        return True
+
+    return False
diff --git a/wafw00f/plugins/awswaf.py b/wafw00f/plugins/awswaf.py
@@ -8,12 +8,16 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchHeader(('X-AMZ-ID', '.+?')),
-        self.matchHeader(('X-AMZ-Request-ID', '.+?')),
-        self.matchCookie(r'^aws.?alb='),
-        self.matchHeader(('Server', r'aws.?elb'), attack=True)
-    ]
-    if any(i for i in schemes):
+    if self.matchHeader(('X-AMZ-ID', '.+?')):
         return True
-    return False
+
+    if self.matchHeader(('X-AMZ-Request-ID', '.+?')):
+        return True
+
+    if self.matchCookie(r'^aws.?alb='):
+        return True
+
+    if self.matchHeader(('Server', r'aws.?elb'), attack=True):
+        return True
+
+    return False
diff --git a/wafw00f/plugins/azion.py b/wafw00f/plugins/azion.py
@@ -8,9 +8,7 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchHeader(('Server', r'Azion([-_]CDN)?'))
-    ]
-    if any(i for i in schemes):
+    if self.matchHeader(('Server', r'Azion([-_]CDN)?')):
         return True
-    return False
+
+    return False
diff --git a/wafw00f/plugins/baidu.py b/wafw00f/plugins/baidu.py
@@ -8,9 +8,7 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchHeader(('Server', r'Yunjiasu(.+)?'))
-    ]
-    if any(i for i in schemes):
+    if self.matchHeader(('Server', r'Yunjiasu(.+)?')):
         return True
-    return False
+
+    return False
diff --git a/wafw00f/plugins/barikode.py b/wafw00f/plugins/barikode.py
@@ -8,9 +8,7 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchContent(r'<strong>barikode<.strong>'),
-    ]
-    if any(i for i in schemes):
+    if self.matchContent(r'<strong>barikode<.strong>'):
         return True
-    return False
+
+    return False
diff --git a/wafw00f/plugins/barracuda.py b/wafw00f/plugins/barracuda.py
@@ -8,13 +8,19 @@
 
 
 def is_waf(self):
-    schemes = [
-        self.matchCookie(r'^barra_counter_session='),
-        self.matchCookie(r'^BNI__BARRACUDA_LB_COOKIE='),
-        self.matchCookie(r'^BNI_persistence='),
-        self.matchCookie(r'^BN[IE]S_.*?='),
-        self.matchContent(r'Barracuda.Networks')
-    ]
-    if any(i for i in schemes):
+    if self.matchCookie(r'^barra_counter_session='):
         return True
-    return False
+
+    if self.matchCookie(r'^BNI__BARRACUDA_LB_COOKIE='):
+        return True
+
+    if self.matchCookie(r'^BNI_persistence='):
+        return True
+
+    if self.matchCookie(r'^BN[IE]S_.*?='):
+        return True
+
+    if self.matchContent(r'Barracuda.Networks'):
+        return True
+
+    return False
diff --git a/wafw00f/plugins/bekchy.py b/wafw00f/plugins/bekchy.py
@@ -8,14 +8,14 @@
 
 
 def is_waf(self):
-    schemes = [
-        # Both signatures are contained within response, so checking for any one of them
-        # Sometimes I observed that there is an XHR request being being made to submit the 
-        # report data automatically upon page load. In those cases a missing https is causing
-        # false negatives.
-        self.matchContent(r'Bekchy.{0,10}?Access Denied'),
-        self.matchContent(r'bekchy\.com/report')
-    ]
-    if any(i for i in schemes):
+    # Both signatures are contained within response, so checking for any one of them
+    # Sometimes I observed that there is an XHR request being being made to submit the
+    # report data automatically upon page load. In those cases a missing https is causing
+    # false negatives.
+    if self.matchContent(r'Bekchy.{0,10}?Access Denied'):
         return True
-    return False
+
+    if self.matchContent(r'bekchy\.com/report'):
+        return True
+
+    return False