You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
|
|
|
#!/usr/bin/env python
|
|
|
|
|
|
'''
|
|
|
|
|
|
Copyright (C) 2020, WAFW00F Developers.
|
|
|
|
|
|
See the LICENSE file for copying permission.
|
|
|
|
|
|
'''
|
|
|
|
|
|
|
|
|
|
|
|
NAME = 'ZScaler (Accenture)'
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def is_waf(self):
|
|
|
|
|
|
# 定义用于检测是否存在特定 Web 应用防火墙(WAF)的方案列表。
|
|
|
|
|
|
schemes = [
|
|
|
|
|
|
# 检查响应头中的'Server'字段是否为'ZScaler'。
|
|
|
|
|
|
self.matchHeader(('Server', r'ZScaler')),
|
|
|
|
|
|
# 检查响应内容中是否包含'Access Denied.(最多十个任意字符)Accenture Policy'。
|
|
|
|
|
|
self.matchContent(r"Access Denied.{0,10}?Accenture Policy"),
|
|
|
|
|
|
# 检查响应内容中是否包含'policies.accenture.com'。
|
|
|
|
|
|
self.matchContent(r'policies\.accenture\.com'),
|
|
|
|
|
|
# 检查响应内容中是否包含'login.zscloud.net/img_logo_new1.png'。
|
|
|
|
|
|
self.matchContent(r'login\.zscloud\.net/img_logo_new1\.png'),
|
|
|
|
|
|
# 检查响应内容中是否包含'Zscaler to protect you from internet threats'。
|
|
|
|
|
|
self.matchContent(r'Zscaler to protect you from internet threats'),
|
|
|
|
|
|
# 检查响应内容中是否包含'Internet Security by ZScaler'。
|
|
|
|
|
|
self.matchContent(r"Internet Security by ZScaler"),
|
|
|
|
|
|
# 检查响应内容中是否包含'Accenture.(最多十个任意字符)webfilters indicate that the site likely contains'。
|
|
|
|
|
|
self.matchContent(r"Accenture.{0,10}?webfilters indicate that the site likely contains")
|
|
|
|
|
|
]
|
|
|
|
|
|
# 如果方案列表中的任何一个条件为真,则认为检测到了 WAF。
|
|
|
|
|
|
if any(i for i in schemes):
|
|
|
|
|
|
return True
|
|
|
|
|
|
else:
|
|
|
|
|
|
return False
|
