Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 8a2f281

Browse files
stamparmstamparm
committed
Merge pull request #1029 from flsf/master
add some waf scripts
2 parents 4c6331d + a56dcc1 commit 8a2f281

5 files changed

Lines changed: 97 additions & 0 deletions

File tree

waf/360.py

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
#!/usr/bin/env python
2+
3+
"""
4+
Copyright (c) 2006-2014 sqlmap developers (http://sqlmap.org/)
5+
See the file 'doc/COPYING' for copying permission
6+
"""
7+
8+
import re
9+
10+
from lib.core.enums import HTTP_HEADER
11+
from lib.core.settings import WAF_ATTACK_VECTORS
12+
13+
__product__ = "360 Web Application Firewall (360wzb)"
14+
15+
def detect(get_page):
16+
retval = False
17+
18+
for vector in WAF_ATTACK_VECTORS:
19+
page, headers, code = get_page(get=vector)
20+
retval = re.search(r"wangzhan\.360\.cn", headers.get("X-Powered-By-360wzb", ""), re.I) is not None
21+
if retval:
22+
break
23+
24+
return retval

waf/anquanbao.py

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
#!/usr/bin/env python
2+
3+
"""
4+
Copyright (c) 2006-2014 sqlmap developers (http://sqlmap.org/)
5+
See the file 'doc/COPYING' for copying permission
6+
"""
7+
8+
import re
9+
10+
from lib.core.enums import HTTP_HEADER
11+
from lib.core.settings import WAF_ATTACK_VECTORS
12+
13+
__product__ = "Anquanbao Web Application Firewall (Anquanbao)"
14+
15+
def detect(get_page):
16+
retval = False
17+
18+
for vector in WAF_ATTACK_VECTORS:
19+
page, headers, code = get_page(get=vector)
20+
retval = re.search(r"MISS", headers.get("X-Powered-By-Anquanbao", ""), re.I) is not None
21+
if retval:
22+
break
23+
24+
return retval

waf/baidu.py

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
#!/usr/bin/env python
2+
3+
"""
4+
Copyright (c) 2006-2014 sqlmap developers (http://sqlmap.org/)
5+
See the file 'doc/COPYING' for copying permission
6+
"""
7+
8+
import re
9+
10+
from lib.core.enums import HTTP_HEADER
11+
from lib.core.settings import WAF_ATTACK_VECTORS
12+
13+
__product__ = "Baidu Web Application Firewall (Baidu yunjiasu)"
14+
15+
def detect(get_page):
16+
retval = False
17+
18+
for vector in WAF_ATTACK_VECTORS:
19+
page, headers, code = get_page(get=vector)
20+
retval = re.search(r"fhl", headers.get("X-Server", ""), re.I) is not None
21+
if retval:
22+
break
23+
24+
return retval

waf/jiasule.py

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@ def detect(get_page):
1818
for vector in WAF_ATTACK_VECTORS:
1919
page, headers, code = get_page(get=vector)
2020
retval = re.search(r"jiasule-WAF", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
21+
retval |= re.search(r"__jsluid=", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None
2122
retval |= re.search(r"static\.jiasule\.com/static/js/http_error\.js", page, re.I) is not None
2223
if retval:
2324
break

waf/safedog.py

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
#!/usr/bin/env python
2+
3+
"""
4+
Copyright (c) 2006-2014 sqlmap developers (http://sqlmap.org/)
5+
See the file 'doc/COPYING' for copying permission
6+
"""
7+
8+
import re
9+
10+
from lib.core.enums import HTTP_HEADER
11+
from lib.core.settings import WAF_ATTACK_VECTORS
12+
13+
__product__ = "Safedog Web Application Firewall (safedog)"
14+
15+
def detect(get_page):
16+
retval = False
17+
18+
for vector in WAF_ATTACK_VECTORS:
19+
page, headers, code = get_page(get=vector)
20+
retval = re.search(r"WAF/2.0", headers.get("X-Powered-By", ""), re.I) is not None
21+
if retval:
22+
break
23+
24+
return retval

0 commit comments

Comments
 (0)