0xInfection committed Jan 22, 2021
1 parent 093195c commit b359602
Showing 1 changed file with 18 additions and 16 deletions.
34 changes: 18 additions & 16 deletions wafw00f/main.py
100755 → 100644
@@ -137,20 +137,22 @@ def genericdetect(self):
return True

# Checking for the Server header after sending malicious requests
normalserver, attackresponse_server = '', ''
response = self.attackres
normalserver = resp1.headers.get('Server')
attackresponse_server = response.headers.get('Server')
if attackresponse_server:
if attackresponse_server != normalserver:
self.log.info('Server header changed, WAF possibly detected')
self.log.debug('Attack response: %s' % attackresponse_server)
self.log.debug('Normal response: %s' % normalserver)
reason = reasons[1]
reason += '\r\nThe server header for a normal response is "%s",' % normalserver
reason += ' while the server header a response to an attack is "%s",' % attackresponse_server
self.knowledge['generic']['reason'] = reason
self.knowledge['generic']['found'] = True
return True
if 'server' in resp1.headers:
normalserver = resp1.headers.get('Server')
if 'server' in response.headers:
attackresponse_server = response.headers.get('Server')
if attackresponse_server != normalserver:
self.log.info('Server header changed, WAF possibly detected')
self.log.debug('Attack response: %s' % attackresponse_server)
self.log.debug('Normal response: %s' % normalserver)
reason = reasons[1]
reason += '\r\nThe server header for a normal response is "%s",' % normalserver
reason += ' while the server header a response to an attack is "%s",' % attackresponse_server
self.knowledge['generic']['reason'] = reason
self.knowledge['generic']['found'] = True
return True

# If at all request doesn't go, press F
except RequestBlocked:
@@ -340,7 +342,7 @@ def main():
try:
m = [i.replace(')', '').split(' (') for i in wafdetectionsprio]
print(R+' WAF Name'+' '*24+'Manufacturer\n '+'-'*8+' '*24+'-'*12+'\n')
max_len = max(len(str(x)) for k in m for x in k)
max_len = max(len(str(x)) for k in m for x in k)
for inner in m:
first = True
for elem in inner:
@@ -382,7 +384,7 @@ def main():
elif options.input.endswith('.csv'):
columns = defaultdict(list)
with open(options.input) as f:
reader = csv.DictReader(f)
reader = csv.DictReader(f)
for row in reader:
for (k,v) in row.items():
columns[k].append(v)
@@ -462,7 +464,7 @@ def main():
elif options.output.endswith('.csv'):
log.debug("Exporting data in csv format to file: %s" % (options.output))
with open(options.output, 'w') as outfile:
csvwriter = csv.writer(outfile, delimiter=',', quotechar='"',
csvwriter = csv.writer(outfile, delimiter=',', quotechar='"',
quoting=csv.QUOTE_MINIMAL)
count = 0
for result in results:
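Review bot: In the first hunk (genericdetect), the new comparison `if attackresponse_server != normalserver:` also fires when only one of the two responses carries a Server header, since both names start as `''` and the earlier `if attackresponse_server:` guard no longer wraps it. A header that is simply absent from one response (an error page served by a different tier, for instance) is then reported as a WAF, and the reason text prints `""`, which cannot be told apart from a genuinely empty header. If absence is meant to count, say so next to the check with a comment such as `# a Server header present in only one response also counts as a change`, and word the reason accordingly; otherwise keep the guard on both values, `if normalserver and attackresponse_server and attackresponse_server != normalserver:`. The function body starts and ends outside the hunk, so whether `self.attackres` can be None at this point is not visible here. The remaining three hunks appear to be whitespace-only.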