MCPcopy
hub / github.com/s0md3v/XSStrike / wafDetector

Function wafDetector

core/wafDetector.py:11–50  ·  view source on GitHub ↗
(url, params, headers, GET, delay, timeout)

Source from the content-addressed store, hash-verified

9
10
11def wafDetector(url, params, headers, GET, delay, timeout):
12 with open(sys.path[0] + '/db/wafSignatures.json', 'r') as file:
13 wafSignatures = json.load(file)
14 # a payload which is noisy enough to provoke the WAF
15 noise = '<script>alert("XSS")</script>'
16 params['xss'] = noise
17 # Opens the noise injected payload
18 response = requester(url, params, headers, GET, delay, timeout)
19 page = response.text
20 code = str(response.status_code)
21 headers = str(response.headers)
22 logger.debug('Waf Detector code: {}'.format(code))
23 logger.debug_json('Waf Detector headers:', response.headers)
24
25 if int(code) >= 400:
26 bestMatch = [0, None]
27 for wafName, wafSignature in wafSignatures.items():
28 score = 0
29 pageSign = wafSignature['page']
30 codeSign = wafSignature['code']
31 headersSign = wafSignature['headers']
32 if pageSign:
33 if re.search(pageSign, page, re.I):
34 score += 1
35 if codeSign:
36 if re.search(codeSign, code, re.I):
37 score += 0.5 # increase the overall score by a smaller amount because http codes aren't strong indicators
38 if headersSign:
39 if re.search(headersSign, headers, re.I):
40 score += 1
41 # if the overall score of the waf is higher than the previous one
42 if score > bestMatch[0]:
43 del bestMatch[:] # delete the previous one
44 bestMatch.extend([score, wafName]) # and add this one
45 if bestMatch[0] != 0:
46 return bestMatch[1]
47 else:
48 return None
49 else:
50 return None

Callers 2

scanFunction · 0.90
singleFuzzFunction · 0.90

Calls 2

requesterFunction · 0.90
formatMethod · 0.80

Tested by

no test coverage detected