コード例 #1
0
ファイル: sonicWALL.py プロジェクト: Aymdis/wafmap 
def is_waf(respDict):
    if match_type.match_header(respDict, ("Server", "SonicWALL")):
        return True
    if match_type.match_content(respDict,
                                "This request is blocked by the SonicWALL"):
        return True
    if match_type.match_content(
            respDict, "Web Site Blocked") and match_type.match_content(
                respDict, "document.getElementById(\"nsa_banner"):
        return True
    return False
コード例 #2
0
ファイル: isaserver.py プロジェクト: Aymdis/wafmap 
def is_waf(respDict):
    invalidhostresp = respDict['invalidHost']
    if match_type.match_content({
            'invalidhost': invalidhostresp
    }, "The server denied the specified Uniform Resource Locator (URL). Contact the server administrator"
                                ):
        return True
    if match_type.match_content({
            'invalidhost': invalidhostresp
    }, "The ISA Server denied the specified Uniform Resource Locator (URL)"):
        return True
    return False
コード例 #3
0
def is_waf(respDict):
    if match_type.match_content(
            respDict,
            "ASP.NET has detected data in the request that is potentially dangerous"
    ):
        return True
    if match_type.match_content(
            respDict,
            "Request Validation has detected a potentially dangerous client input value"
    ):
        return True
    return False
コード例 #4
0
def is_waf(respDict):
    if match_type.match_header(respDict, ("Server", "jiasule-WAF")):
        return True
    if match_type.match_header(respDict, ("Set-Cookie", "__jsluid=")):
        return True
    if match_type.match_content(
            respDict, "static\.jiasule\.com/static/js/http_error\.js"):
        return True
コード例 #5
0
def is_waf(respDict):
    # the following based on nmap's http-waf-fingerprint.nse
    if match_type.match_header(
            respDict,
        ('Server', '(mod_security|Mod_Security|NOYB)')):  #from sqlmap waf
        return True
    if match_type.match_status_content(
            respDict,
        (501, "Reference #[0-9A-Fa-f.]+")):  #from sqlmap waf modsecurity
        return True
    if match_type.match_content(respDict,
                                "This error was generated by Mod_Security"
                                ):  #from sqlmap waf modsecurity
        return True
    return False
コード例 #6
0
ファイル: knowsec.py プロジェクト: Aymdis/wafmap 
def is_waf(respDict):
    if match_type.match_content(respDict, "url\('/ks-waf-error\.png'\)"):
        return True
コード例 #7
0
ファイル: senginx.py プロジェクト: Aymdis/wafmap 
def is_waf(respDict):
    if match_type.match_content(respDict, "SENGINX-ROBOT-MITIGATION"):
        return True
    return False
コード例 #8
0
ファイル: dotdefender.py プロジェクト: Aymdis/wafmap 
def is_waf(respDict):
    if  match_type.match_header(respDict,('X-dotDefender-denied', '^1$')):
        return True
    if match_type.match_content(respDict,'dotDefender Blocked Your Request'):
        return True
    return False
コード例 #9
0
def is_waf(respDict):
    if match_type.match_content(respDict,"Unauthorized Activity Has Been Detected.+Case Number:"):
        return True
    if match_type.match_header(respDict,("X-SL-CompState",".")):
        return True
    return False
コード例 #10
0
ファイル: paloato.py プロジェクト: Aymdis/wafmap 
def is_waf(respDict):
    if match_type.match_content(
            respDict,
            "Access[^<]+has been blocked in accordance with company policy"):
        return True
    return False