s0md3v/XSStrike
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e03c2dbb05d0d9dd9cb9c08f1acd35abaa435f4c
XSStrike/core/wafDetector.py
Somdev Sangwan 98c6b347b4 Logging functionality (#193) 
* Add files via upload

* Add files via upload

* Logging functionality (Resolves #146)

* Created customized logger and setup file

* Start replacing prints

* Custom StreamHandler to allow '\r' as line terminator and updated more prints

* Remove setup.py

* Logger functionality to write red lines and records without format

* Possibility to set logging level when logging without format and usage of debug level instead of verboseOutput

* Replace utils logger function calls

* Fixes

* Import missing info color

* Move xsstrike.py imports to properly initialize loggers and add logger method to debug data using json

* Minor fix
2019-01-21 04:57:55 +05:30

51 lines
1.8 KiB
Python
Raw Blame History

import json
import re
import sys
from core.requester import requester
from core.log import setup_logger
logger = setup_logger(__name__)
def wafDetector(url, params, headers, GET, delay, timeout):
with open(sys.path[0] + '/db/wafSignatures.json', 'r') as file:
wafSignatures = json.load(file)
# a payload which is noisy enough to provoke the WAF
noise = '<script>alert("XSS")</script>'
params['xss'] = noise
# Opens the noise injected payload
response = requester(url, params, headers, GET, delay, timeout)
page = response.text
code = str(response.status_code)
headers = str(response.headers)
logger.debug('Waf Detector code: {}'.format(code))
logger.debug_json('Waf Detector headers:', response.headers)
if int(code) >= 400:
bestMatch = [0, None]
for wafName, wafSignature in wafSignatures.items():
score = 0
pageSign = wafSignature['page']
codeSign = wafSignature['code']
headersSign = wafSignature['headers']
if pageSign:
if re.search(pageSign, page, re.I):
score += 1
if codeSign:
if re.search(codeSign, code, re.I):
score += 0.5 # increase the overall score by a smaller amount because http codes aren't strong indicators
if headersSign:
if re.search(headersSign, headers, re.I):
score += 1
# if the overall score of the waf is higher than the previous one
if score > bestMatch[0]:
del bestMatch[:] # delete the previous one
bestMatch.extend([score, wafName]) # and add this one
if bestMatch[0] != 0:
return bestMatch[1]
else:
return None
else:
return None
Reference in New Issue View Git Blame Copy Permalink