You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
|
|
|
#!/usr/bin/env python
|
|
|
|
|
|
'''
|
|
|
|
|
|
Copyright (C) 2020, WAFW00F Developers.
|
|
|
|
|
|
See the LICENSE file for copying permission.
|
|
|
|
|
|
'''
|
|
|
|
|
|
|
|
|
|
|
|
NAME = 'WP Cerber Security (Cerber Tech)'
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def is_waf(self):
|
|
|
|
|
|
# 定义用于检测是否存在特定 Web 应用防火墙(WAF)的方案列表。
|
|
|
|
|
|
schemes = [
|
|
|
|
|
|
# 检查响应内容中是否包含特定字符串,表示请求看起来可疑或类似于自动化请求。
|
|
|
|
|
|
self.matchContent(r'your request looks suspicious or similar to automated'),
|
|
|
|
|
|
# 检查响应内容中是否包含特定字符串,表示服务器停止处理请求。
|
|
|
|
|
|
self.matchContent(r'our server stopped processing your request'),
|
|
|
|
|
|
# 检查响应内容中是否包含特定字符串,表示很抱歉,不允许继续进行。
|
|
|
|
|
|
self.matchContent(r'We.re sorry.{0,10}?you are not allowed to proceed'),
|
|
|
|
|
|
# 检查响应内容中是否包含特定字符串,表示请求来自垃圾邮件发布软件。
|
|
|
|
|
|
self.matchContent(r'requests from spam posting software'),
|
|
|
|
|
|
# 检查响应内容中是否包含特定字符串,表示页面标题为'403 Access Forbidden'。
|
|
|
|
|
|
self.matchContent(r'<title>403 Access Forbidden')
|
|
|
|
|
|
]
|
|
|
|
|
|
# 如果方案列表中的所有方案都为真,则认为检测到了 WAF。
|
|
|
|
|
|
if all(i for i in schemes):
|
|
|
|
|
|
return True
|
|
|
|
|
|
else:
|
|
|
|
|
|
return False
|
