• Search by Module
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• Vxscan-master
  • script
    • rsync_unauthorized_access.py
    • solr_rce_via_velocity.py
    • thinkphp_5_0_23_rce.py
    • jboss_jmx_console.py
    • phpinfo.py
    • leaks.py
    • apache_struts_all.py
    • get_title.py
    • find_admin.py
    • thinkphp5_rce_1.py
    • django_urljump.py
    • redis_unauthorized_access.py
    • docker_unauthorized_access.py
    • Weblogic_CVE_2017_10271_RCE.py
    • zabbix_jsrpc_sqli.py
    • mongodb_unauthorized_access.py
    • zookeeper_unauthorized_access.py
    • ftp_anonymous.py
    • solr_unauthorized_access.py
    • fingerprint.py
    • pulse_cve_2019_11510.py
    • memcached_unauthorized_access.py
    • http_put.py
  • report
    • report.htm
    • en.js
    • vue.min.js
    • bootstrap.min.css
    • fonts
      • element-icons.woff
      • element-icons.ttf
  • report.py
  • LICENSE
  • lib
    • Requests.py
    • sqldb.py
    • cli_output.py
    • options.py
    • web_info.py
    • verify.py
    • vuln.py
    • iscdn.py
    • bcolors.py
    • common.py
    • settings.py
    • waf.py
    • url.py
    • random_header.py
  • plugins
    • InformationGathering
      • geoip.py
      • js_leaks.py
    • ActiveReconnaissance
      • robots.py
      • crawl.py
      • osdetect.py
      • check_waf.py
      • active.py
    • PassiveReconnaissance
      • ip_history.py
      • reverse_domain.py
      • virustotal.py
      • wappalyzer.py
    • Scanning
      • dir_scan.py
      • port_scan.py
      • async_scan.py
  • .gitattributes
  • data
    • password.txt
    • path
      • asp.txt
      • dir.txt
      • php.txt
      • txt.txt
      • jsp.txt
      • other.txt
    • apps.txt
  • Vxscan.py
  • .travis.yml
  • README.md
  • README.zh-CN.md
  • requirements.txt
  • .gitignore
  • analyzer.py
  • doc

import logging
import re

from lib.Requests import Requests
from lib.iscdn import iscdn
from lib.url import parse_host
from lib.waf import WAF_RULE

'''
WAF 检测思路
发送Payload触发WAF拦截机制，根据响应头字段或者响应体拦截内容判断WAF
'''

payload = (
    "/index.php?id=1 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert(XSS)</script>',table_name FROM information_schema.tables WHERE 2>1--/**/",
    "/../../../etc/passwd", "/.git/", "/phpinfo.php")


def verify(headers, content):
    for i in WAF_RULE:
        name, method, position, regex = i.split('|')
        if method == 'headers':
            if headers.get(position) is not None:
                if re.search(regex, str(headers.get(position))) is not None:
                    return name
        else:
            if re.search(regex, str(content)):
                return name

    return 'NoWAF'


def checkwaf(url):
    result = 'NoWAF'
    host = parse_host(url)

    if not iscdn(host):
        return 'CDN IP'

    try:
        req = Requests()
        r = req.get(url)
        result = verify(r.headers, r.text)
        if result == 'NoWAF':
            for i in payload:
                r = req.get(url + i)
                result = verify(r.headers, r.text)
                if result != 'NoWAF':
                    return result
        else:
            return result
    except (UnboundLocalError, AttributeError):
        pass
    except Exception as e:
        logging.exception(e)


if __name__ == "__main__":
    out = checkwaf('http://127.0.0.1')
    print(out)