Minor update

2025-12-09 06:01:29 +00:00 · 2019-01-07 13:45:01 +01:00
parent 9f75fd4fb8
commit 12883cac16
3 changed files with 5 additions and 4 deletions
--- a/waf/reblaze.py
+++ b/waf/reblaze.py
@@ -16,9 +16,10 @@ def detect(get_page):
    retval = False

    for vector in WAF_ATTACK_VECTORS:
-        _, headers, _ = get_page(get=vector)
+        page, headers, _ = get_page(get=vector)
        retval = re.search(r"\Arbzid=", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None
        retval |= re.search(r"Reblaze Secure Web Gateway", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
+        retval |= all(_ in (page or "") for _ in ("Current session has been terminated", "For further information, do not hesitate to contact us", "Access denied (403)"))
        if retval:
            break