YagamiiLight/Cerberus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update some details

Browse Source
This commit is contained in:
Chris
2019-12-24 03:14:32 +01:00
parent 8fbbb25d14
commit 731121b07e
2 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
data/payloads.py
View File

@@ -1,10 +1,10 @@
waf_checker = [ "'",
# "1 AND 1",
# "1/**/AND/**/1",
# "1 AND 1=1",
"1 AND 1",
"1/**/AND/**/1",
"1 AND 1=1",
"1 AND 1 LIKE 1",
"<img src=x onerror=alert('XSS')>",
# "<img onfoo=f()>",
"<img onfoo=f()>",
"<script>alert('intrusion')</script>",
" ' AND '1'='1"]

4
strike/detect_waf.py
View File

@@ -30,9 +30,11 @@ def check_waf(target, logger_type, proxy = None):
try:
target, payload = chambering(target, strike=True, payload=intruder)
response = requester(target, payload, GET=True, timeout=5, proxy=proxy)
if not response is None:
page, code, headers = response.text, response.status_code, response.headers
if int(code) >= 400:
if code >= 400:
match = 0
for waf_name, waf_signature in waf_data.items():