You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
|
|
|
#!/usr/bin/env python
|
|
|
|
|
|
'''
|
|
|
|
|
|
Copyright (C) 2020, WAFW00F Developers.
|
|
|
|
|
|
See the LICENSE file for copying permission.
|
|
|
|
|
|
'''
|
|
|
|
|
|
|
|
|
|
|
|
NAME = 'Cloudbric (Penta Security)'
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def is_waf(self):
|
|
|
|
|
|
# 定义用于检测是否存在特定 Web 应用防火墙(WAF)的方案列表。
|
|
|
|
|
|
schemes = [
|
|
|
|
|
|
# 检查响应内容中是否包含特定字符串,标题为'Cloudbric...ERROR!',后面可能跟最多五个任意字符。
|
|
|
|
|
|
self.matchContent(r'<title>Cloudbric.{0,5}?ERROR!'),
|
|
|
|
|
|
# 检查响应内容中是否包含特定字符串,表示请求被 Cloudbric 阻止。
|
|
|
|
|
|
self.matchContent(r'Your request was blocked by Cloudbric'),
|
|
|
|
|
|
# 检查响应内容中是否包含特定字符串,表示请联系 Cloudbric 支持。
|
|
|
|
|
|
self.matchContent(r'please contact Cloudbric Support'),
|
|
|
|
|
|
# 检查响应内容中是否包含特定字符串,即'cloudbric.zendesk.com'。
|
|
|
|
|
|
self.matchContent(r'cloudbric\.zendesk\.com'),
|
|
|
|
|
|
# 检查响应内容中是否包含特定字符串,表示'Cloudbric Help Center'。
|
|
|
|
|
|
self.matchContent(r'Cloudbric Help Center'),
|
|
|
|
|
|
# 检查响应内容中是否包含特定字符串,表示' malformed request syntax...invalid request message framing...or deceptive request routing',其中'...'表示中间可能有最多四个任意字符。
|
|
|
|
|
|
self.matchContent(r'malformed request syntax.{0,4}?invalid request message framing.{0,4}?or deceptive request routing')
|
|
|
|
|
|
]
|
|
|
|
|
|
# 如果方案列表中的任何一个方案为真,则认为检测到了 WAF。
|
|
|
|
|
|
if any(i for i in schemes):
|
|
|
|
|
|
return True
|
|
|
|
|
|
else:
|
|
|
|
|
|
return False
|
